Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rockwell Automation Connected Components Workbench Deserialization of Untrusted Data
Vulnerability Description
Rockwell Automation Connected Components Workbench v12.00.00 and prior does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
可信数据的反序列化
Vulnerability Title
Rockwell Automation Connected Components Workbench 代码问题漏洞
Vulnerability Description
Rockwell Automation Connected Components Workbench是美国罗克韦尔(Rockwell Automation )公司的一个应用软件。一个自动编程软件。 Rockwell Automation Connected Components Workbench 12.00.00版本及之前存在代码问题漏洞。该漏洞源于程序的组件工作台不限制可以反序列化的对象,攻击者可以利用该漏洞远程执行代码。
CVSS Information
N/A
Vulnerability Type
N/A