Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rockwell Automation ISaGRAF Deserialization of Untrusted Data
Vulnerability Description
Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 though v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in arbitrary code execution. This vulnerability requires user interaction to be successfully exploited
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
可信数据的反序列化
Vulnerability Title
Rockwell Automation Connected Components Workbench 代码问题漏洞
Vulnerability Description
Rockwell Automation Connected Components Workbench是美国罗克韦尔(Rockwell Automation)公司的一个应用软件。一个自动编程软件。 Rockwell Automation Connected Components Workbench 13.00.00版本 ISaGRAF Workbench 6.0版本到6.6.9版本和Safety Instrumented Systems Workstation 1.2版本存在代码问题漏洞,该漏洞源于应用处理
CVSS Information
N/A
Vulnerability Type
N/A