Memory Corruption Vulnerability in Rockwell Automation Products
CVE-2024-6068

Currently unrated

Key Information:

Vendor: Rockwell Automation
Status: Studio 5000 Logix Designer
Vendor: CVE Published:; 14 November 2024

Summary

A memory corruption issue exists within Rockwell Automation products that affects the parsing of DFT files. Local malicious actors can exploit this vulnerability by enticing legitimate users to open specially crafted DFT files. This can lead to unauthorized information disclosure and the execution of arbitrary code, posing significant security risks to the affected systems.

References

https://www.rockwellautomation.com/en-us/trust-center/sec...

Timeline

Vulnerability published
Nov 14, 2024