漏洞标题
Rockwell Automation 安全事务处理软体 (ISaGRAF) 信任数据解编
漏洞描述信息
罗克韦尔自动化ISaGRAF未受信任数据的反序列化
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Rockwell Automation ISaGRAF Deserialization of Untrusted Data
漏洞描述信息
Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 though v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in arbitrary code execution. This vulnerability requires user interaction to be successfully exploited
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
漏洞类别
可信数据的反序列化
漏洞标题
Rockwell Automation Connected Components Workbench 代码问题漏洞
漏洞描述信息
Rockwell Automation Connected Components Workbench是美国罗克韦尔(Rockwell Automation)公司的一个应用软件。一个自动编程软件。 Rockwell Automation Connected Components Workbench 13.00.00版本 ISaGRAF Workbench 6.0版本到6.6.9版本和Safety Instrumented Systems Workstation 1.2版本存在代码问题漏洞,该漏洞源于应用处理
CVSS信息
N/A
漏洞类别
代码问题