Remote Code Execution in Studio 5000 Logix Designer by Rockwell Automation
CVE-2026-9127
7.3HIGH
Key Information:
- Vendor
Rockwell Automation
- Vendor
- CVE Published:
- 14 July 2026
What is CVE-2026-9127?
A security flaw identified in Studio 5000 Logix Designer enables unauthorized modification of configuration files. This misconfiguration allows any authenticated user to redefine external tool paths within the application. If maliciously exploited, an attacker can redirect these tools to execute arbitrary code, posing significant risks whenever users interact with the external functionality of the software.
Affected Version(s)
Studio 5000 Logix Designer V35.00,34.00,34.01, 33.00,33.02, 32.00-32.04 and older