CVE-2026-9108
Studio 5000 Logix Designer® – Multiple Vulnerabilities
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
A path traversal security issue exists within Studio 5000 Logix Designer® due to improper limitation of file paths within ACD project files. The software does not sanitize or validate file names embedded in the ACD file structure during the project opening procedure, allowing path traversal sequences to escape the intended extraction directory. If exploited, an attacker could craft a malicious ACD project file that results in arbitrary files being written to attacker-controlled locations on the file system, potentially leading to code execution.
| CWE | CWE-22 |
| Vendor | rockwell automation |
| Product | studio 5000 logix designer |
| Published | Jul 14, 2026 |
| Last Updated | Jul 14, 2026 |
Stay Ahead of the Next One
Get instant alerts for rockwell automation studio 5000 logix designer
Be the first to know when new unknown vulnerabilities affecting rockwell automation studio 5000 logix designer are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
Rockwell Automation / Studio 5000 Logix Designer
V36.00, 35.00,35.01, 34.00-34.03, 33.00-33.03, 32.00-32.04 and older