Vulnerability Description
Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View Studio 8.00.00 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rockwellautomation | Factorytalk Services Platform | <= 2.70.00 |
| Rockwellautomation | Factorytalk View Studio | <= 8.00.00 |
References
- https://ics-cert.us-cert.gov/advisories/ICSA-15-062-02Third Party AdvisoryUS Government Resource
- https://rockwellautomation.custhelp.com/app/answers/detail/a_id/646323
- https://ics-cert.us-cert.gov/advisories/ICSA-15-062-02Third Party AdvisoryUS Government Resource
- https://rockwellautomation.custhelp.com/app/answers/detail/a_id/646323
FAQ
What is CVE-2014-9209?
CVE-2014-9209 is a vulnerability with a CVSS score of 6.9 (MEDIUM). Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View Studio 8.00.00 and earlier allows local us...
How severe is CVE-2014-9209?
CVE-2014-9209 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-9209?
Check the references section above for vendor advisories and patch information. Affected products include: Rockwellautomation Factorytalk Services Platform, Rockwellautomation Factorytalk View Studio.