CVE-2022-3156
HIGH WAF: Low
CVSS 7.8
Published: 2022-12-27
CWE-287 CWE-287
A remote code execution vulnerability exists in Rockwell Automation Studio 5000 Logix Emulate software. Users are granted elevated permissions on certain product services when the software is installed. Due to this misconfiguration, a malicious user could potentially achieve remote code execution on the targeted software.
WAF Coverage Analysis
Improper Authentication
Low WAF Coverage
OWASP: A07:2021 Identification and Authentication Failures
Improper Authentication
Low WAF Coverage
OWASP: A07:2021 Identification and Authentication Failures
Affected Software
| Vendor | Product | Version |
|---|---|---|
| rockwellautomation | studio_5000_logix_emulate | 20.011 - 34.00 |
References
- rockwellautomation.custhelp.com (Vendor Advisory)