CVE-2020-10642

Summary

In Rockwell Automation RSLinx Classic versions 4.11.00 and prior, an authenticated local attacker could modify a registry key, which could lead to the execution of malicious code using system privileges when opening RSLinx Classic.

Affected Software

VendorProductVersion RangeStatus
n/aRockwell Automation RSLinx Classic versions 4.1.00 and priorRockwell Automation RSLinx Classic versions 4.1.00 and prioraffected

Weaknesses

  • CWE-732: INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732

ADP Enrichment

CVE Program Container

Additional References

References