CVE-2026-9127

Summary

A remote code execution security issue exists within Studio 5000 Logix Designer® due to incorrect authorization on a configuration file. This can allow any authenticated user to modify the paths of external tools configured within the application. If exploited, an attacker could alter the configuration to point to a malicious executable, resulting in arbitrary code execution when any user interacts with the external tools functionality.

Affected Software

VendorProductVersion RangeStatus
Rockwell AutomationStudio 5000 Logix DesignerV35.00,34.00,34.01, 33.00,33.02, 32.00-32.04 and olderaffected

Weaknesses

  • CWE-863: CWE-863: Incorrect Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References