Description
A remote code execution security issue exists within Studio 5000 Logix Designer® due to incorrect authorization on a configuration file. This can allow any authenticated user to modify the paths of external tools configured within the application. If exploited, an attacker could alter the configuration to point to a malicious executable, resulting in arbitrary code execution when any user interacts with the external tools functionality.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Tue, 14 Jul 2026 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Rockwellautomation
Rockwellautomation studio 5000 Logix Designer |
|
| Vendors & Products |
Rockwellautomation
Rockwellautomation studio 5000 Logix Designer |
Tue, 14 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A remote code execution security issue exists within Studio 5000 Logix Designer® due to incorrect authorization on a configuration file. This can allow any authenticated user to modify the paths of external tools configured within the application. If exploited, an attacker could alter the configuration to point to a malicious executable, resulting in arbitrary code execution when any user interacts with the external tools functionality. | |
| Title | Studio 5000 Logix Designer® – Multiple Vulnerabilities | |
| Weaknesses | CWE-863 | |
| References |
| |
| Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: Rockwell
Published:
Updated: 2026-07-14T15:54:46.504Z
Reserved: 2026-05-20T17:48:19.830Z
Link: CVE-2026-9127
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-14T17:30:04Z
Weaknesses
-
CWE-863
Incorrect Authorization