CVE-2014-9209

EUVD-2014-9034
Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View Studio 8.00.00 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
rockwellautomationfactorytalk_services_platform
𝑥
≤ 2.70.00
rockwellautomationfactorytalk_view_studio
𝑥
≤ 8.00.00
𝑥
= Vulnerable software versions
References
https://ics-cert.us-cert.gov/advisories/ICSA-15-062-02
https://rockwellautomation.custhelp.com/app/answers/detail/a_id/646323
https://ics-cert.us-cert.gov/advisories/ICSA-15-062-02
https://rockwellautomation.custhelp.com/app/answers/detail/a_id/646323