Loading

Studio 5000 Logix Designer® – Arbitrary Code Execution Vulnerability

Severity:
High
Advisory ID:
SD1734
Data pubblicazione:
August 14, 2025
Ultimo aggiornamento:
August 14, 2025
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
No
Corrected:
Sì
Workaround:
No
CVE IDs
CVE-2025-7971
Download
The following link(s) provide the security advisory in Vulnerability Exploitability Exchange format:
JSON
Riepilogo

Published Date: 8/14/2025 
Last Updated: 8/14/2025 
Revision Number: 1.0 
CVSS Score: 7.5/10 

The security of our products is important to us as your chosen industrial automation supplier. This anomaly was found internally during routine testing and is being reported based on our commitment to customer transparency and to improve their business or production environments. 

AFFECTED PRODUCTS AND SOLUTION

Affected Product 

CVE 

First Known in Software Version 

Corrected in Software Version 

Studio 5000 Logix Designer  

CVE-2025-7971 

36.00.02 

V37.00.02 

 

VULNERABILITY DETAILS

Rockwell Automation used the latest version of the CVSS scoring system to assess the following vulnerabilities. 

CVE-2025-7971 IMPACT

A security issues exists within Studio 5000 Logix Designer due to unsafe handling of environment variables. If the specified path lacks a valid file, Logix Designer crashes; However, it may be possible to execute malicious code without triggering a crash. 

CVSS 3.1 Base Score: 7.5 
CVSS 3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:C/C:H/I:H/A:H

CVSS 4.0 Base Score: 7.3
CVSS 4.0 Vector: CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE: CWE-20: Improper Input Validation 
Known Exploited Vulnerability (KEV) database: No 

Mitigations and Workarounds 
Users should update to the corrected version if possible. If users using the affected software are not able to upgrade the version, security best practices should be applied.  

  • Security Best Practices

 

Rockwell Automation Home
Copyright ©2022 Rockwell Automation, Inc.
  1. Chevron LeftChevron Left Home Rockwell Automation Chevron RightChevron Right
  2. Chevron LeftChevron Left Trust Center Chevron RightChevron Right
  3. Chevron LeftChevron Left Industrial Security Adv Chevron RightChevron Right
  4. Chevron LeftChevron Left Industrial Security Advisory Detail Chevron RightChevron Right
Aggiorna le tue preferenze sui cookie per continuare.
Questa funzionalità richiede i cookie per migliorare la tua esperienza. Ti preghiamo di aggiornare le tue preferenze per consentire questi cookie:
  • Cookie dei social media
  • Cookie funzionali
  • Cookie di prestazione
  • Cookie di marketing
  • Tutti i cookie
Puoi aggiornare le tue preferenze in qualsiasi momento. Per ulteriori informazioni consultare il nostro {0} politica sulla riservatezza
CloseClose