A vulnerability exists in the Rockwell Automation Emulate3D™, which could be leveraged to execute a DLL Hijacking attack. The application loads shared libraries, which are readable and writable by any user. If exploited, a malicious user could leverage a malicious dll and perform a remote code execution attack.
History

Wed, 21 Aug 2024 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Rockwellautomation
Rockwellautomation emulate3d
CPEs cpe:2.3:a:rockwellautomation:emulate3d:*:*:*:*:*:*:*:*
Vendors & Products Rockwellautomation
Rockwellautomation emulate3d
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 13 Aug 2024 18:00:00 +0000

Type Values Removed Values Added
Description A vulnerability exists in the Rockwell Automation Emulate3D™, which could be leveraged to execute a DLL Hijacking attack. The application loads shared libraries, which are readable and writable by any user. If exploited, a malicious user could leverage a malicious dll and perform a remote code execution attack.
Title DLL Hijacking Vulnerability Exists in Rockwell Automation Emulate3D™
Weaknesses CWE-610
References
Metrics cvssV4_0

{'score': 5.4, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Rockwell

Published: 2024-08-13T17:46:24.950Z

Updated: 2024-08-21T16:44:29.747Z

Reserved: 2024-06-17T16:43:06.697Z

Link: CVE-2024-6079

cve-icon Vulnrichment

Updated: 2024-08-14T13:43:08.271Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-08-13T18:15:32.443

Modified: 2024-08-14T02:07:05.410

Link: CVE-2024-6079

cve-icon Redhat

No data.