The vulnerability of the Rockwell Automation Emulate3D software for virtual modeling of equipment and manufacturing processes lies in improper external control of file names or file paths, allowing a hacker to execute arbitrary code.

🗓️ 09 Oct 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

Rockwell Emulate3D flaw allows file name and DLL manipulation during loading, enabling execution.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2024-6079	13 Aug 202421:18	–	circl
CVE	CVE-2024-6079	13 Aug 202417:46	–	cve
Cvelist	CVE-2024-6079 DLL Hijacking Vulnerability Exists in Rockwell Automation Emulate3D™	13 Aug 202417:46	–	cvelist
EUVD	EUVD-2024-47237	3 Oct 202520:07	–	euvd
ICS	Rockwell Automation Emulate3D	22 Aug 202406:00	–	ics
NVD	CVE-2024-6079	13 Aug 202418:15	–	nvd
Positive Technologies	PT-2024-6676 · Rockwell Automation · Emulate3D	17 Jun 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-6079	23 May 202508:51	–	redhatcve
Vulnrichment	CVE-2024-6079 DLL Hijacking Vulnerability Exists in Rockwell Automation Emulate3D™	13 Aug 202417:46	–	vulnrichment

Vulners

Node

rockwell_automation rockwell_automation_emulate3dRange17.00.00.13276–17.00.00.13348

Source	Link
rockwellautomation	www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201683.html
vuldb	www.vuldb.com/
web	www.web.nvd.nist.gov/view/vuln/detail

09 Oct 2024 00:00Current

5.8Medium risk

Vulners AI Score5.8

CVSS 26

CVSS 36.7

EPSS0.00219

Rockwell Emulate3D external file names dynamic link libraries library loading code execution