Arbitrary Code Execution via Crafted FactoryTalk Diagnostics Viewer Configuration File

Arbitrary Code Execution via Crafted FactoryTalk Diagnostics Viewer Configuration File

CVE-2011-2957 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

Unspecified vulnerability in Rockwell Automation FactoryTalk Diagnostics Viewer before V2.30.00 (CPR9 SR3) allows local users to execute arbitrary code via a crafted FactoryTalk Diagnostics Viewer (.ftd) configuration file, which triggers memory corruption.

Learn more about our User Device Pen Test.