CISA has published an advisory on an incorrect permission assignment for critical resource vulnerability in Rockwell Automation RSLinx Classic. Versions 4.11.00 and prior are affected. Successful exploitation of this vulnerability could allow a local authenticated attacker to execute malicious code when opening RSLinx Classic. For Versions 3.60 to 4.11, Rockwell Automation recommends users apply patch 1091155. Affected users are encouraged to apply the most recent version of RSLinx Classic. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!