A remote code execution security issue exists within Studio 5000 Logix Designer® due to incorrect authorization on a configuration file. This can allow any authenticated user to modify the paths of external tools configured within the application. If exploited, an attacker could alter the configuration to point to a malicious executable, resulting in arbitrary code execution when any user interacts with the external tools functionality.
Metrics
Affected Vendors & Products
References
History
Tue, 14 Jul 2026 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Rockwellautomation
Rockwellautomation studio 5000 Logix Designer |
|
| Vendors & Products |
Rockwellautomation
Rockwellautomation studio 5000 Logix Designer |
Tue, 14 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A remote code execution security issue exists within Studio 5000 Logix Designer® due to incorrect authorization on a configuration file. This can allow any authenticated user to modify the paths of external tools configured within the application. If exploited, an attacker could alter the configuration to point to a malicious executable, resulting in arbitrary code execution when any user interacts with the external tools functionality. | |
| Title | Studio 5000 Logix Designer® – Multiple Vulnerabilities | |
| Weaknesses | CWE-863 | |
| References |
| |
| Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: Rockwell
Published:
Updated: 2026-07-14T15:54:46.504Z
Reserved: 2026-05-20T17:48:19.830Z
Link: CVE-2026-9127
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-14T17:30:04Z