Vulnerability Details : CVE-2011-2957
Unspecified vulnerability in Rockwell Automation FactoryTalk Diagnostics Viewer before V2.30.00 (CPR9 SR3) allows local users to execute arbitrary code via a crafted FactoryTalk Diagnostics Viewer (.ftd) configuration file, which triggers memory corruption.
Vulnerability category: Memory CorruptionExecute code
Products affected by CVE-2011-2957
- cpe:2.3:a:rockwellautomation:factorytalk_diagnostics_viewer:*:*:*:*:*:*:*:*
- cpe:2.3:a:rockwellautomation:factorytalk_diagnostics_viewer:2.10.01:*:*:*:*:*:*:*
- cpe:2.3:a:rockwellautomation:factorytalk_diagnostics_viewer:2.10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-2957
0.02%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 1 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-2957
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST |
References for CVE-2011-2957
-
http://www.us-cert.gov/control_systems/pdf/ICSA-11-175-01.pdf
404 - File Not Found | CISAUS Government Resource
-
http://rockwellautomation.custhelp.com/app/answers/detail/a_id/448424
Rockwell Automation - Sign In
-
http://www.securityfocus.com/bid/48962
Rockwell Automation FactoryTalk Diagnostics Viewer '.ftd' File Remote Code Execution Vulnerability
Jump to