exploitDog

CVE-2025-11697

Опубликовано: 11 нояб. 2025

Источник: nvd

EPSS Низкий

Описание

A local code execution security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot.

Ссылки

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1760.html

EPSS

Процентиль: 6%

0.00024

Низкий

Дефекты

CWE-200

Связанные уязвимости

GHSA-j5j6-gp3m-h3vx

github

3 месяца назад

A local code execution security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot.

EPSS

Процентиль: 6%

0.00024

Низкий

Дефекты

CWE-200