Vulnerabilities (CVE)

Filtered by vendor Rockwellautomation Subscribe
Filtered by product Factorytalk Activation
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-6015 1 Rockwellautomation 1 Factorytalk Activation 2024-11-21 7.2 HIGH 7.8 HIGH
Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable. This may allow an authorized, but not privileged local user to execute arbitrary code with elevated privileges on the system. CVSS v3 base score: 8.8, CVSS vector string: (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). Rockwell Automation has released a new version of FactoryTalk Activation, Version 4.01, which addresses the identified vulnerability. Rockwell Automation recommends upgrading to the latest version of FactoryTalk Activation, Version 4.01 or later.