CVE-2021-22665
HIGHRockwell Automation DriveTools SP <5.13 - Privilege Escalation
Title source: llmDescription
Rockwell Automation DriveTools SP v5.13 and below and Drives AOP v4.12 and below both contain a vulnerability that a local attacker with limited privileges may be able to exploit resulting in privilege escalation and complete control of the system.
References (2)
Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://us-cert.cisa.gov/ics/advisories/icsa-21-042-02
Permissions Required, Vendor Advisory x_refsource_misc
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1129798
Scores
CVSS v3
7.8
EPSS
0.0000
EPSS Percentile
0.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-427
Status
published
Products (2)
rockwellautomation/drivetools_add-on_profiles
< 4.12
rockwellautomation/drivetools_sp
< 5.13
Published
Mar 18, 2021
Tracked Since
Feb 18, 2026