Privilege Escalation and System Takeover Vulnerability in Rockwell Automation DriveTools SP and Drives AOP

Privilege Escalation and System Takeover Vulnerability in Rockwell Automation DriveTools SP and Drives AOP

CVE-2021-22665 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Rockwell Automation DriveTools SP v5.13 and below and Drives AOP v4.12 and below both contain a vulnerability that a local attacker with limited privileges may be able to exploit resulting in privilege escalation and complete control of the system.

Learn more about our Web Application Penetration Testing UK.