EXPLOITDB-EDB-47676

EXPLOITDB text WRITEUP
Exploit for CVE-2019-25276 - Studio 5000 Logix Designer 30.01.00 - Privilege Escalation
AI Analysis

This is a writeup describing an unquoted service path vulnerability in Rockwell Automation's FactoryTalk Activation Service. The vulnerability could allow local privilege escalation if an attacker can place an executable in a path that the service resolves due to unquoted spaces.

Attack Type
LPE
Complexity
moderate
Reliability
theoretical
MITRE ATT&CK
T1574.009 - Path Interception by Unquoted Path
Loading exploit code...
Download ZIP Password: eip
Source
Platform Exploitdb
Type local
Platform windows
Language text
Files 1
Authors
Luis Martínez Luis Martinez
Vulnerability
CVE-2019-25276
Studio 5000 Logix Designer 30.01.00 - Privilege Escalation
HIGH
CVSS 7.8