🔐 CVE Alert

CVE-2026-9108

UNKNOWN 0.0

Studio 5000 Logix Designer® – Multiple Vulnerabilities

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

A path traversal security issue exists within Studio 5000 Logix Designer® due to improper limitation of file paths within ACD project files. The software does not sanitize or validate file names embedded in the ACD file structure during the project opening procedure, allowing path traversal sequences to escape the intended extraction directory. If exploited, an attacker could craft a malicious ACD project file that results in arbitrary files being written to attacker-controlled locations on the file system, potentially leading to code execution.

CWE CWE-22
Vendor rockwell automation
Product studio 5000 logix designer
Published Jul 14, 2026
Last Updated Jul 14, 2026
Stay Ahead of the Next One

Get instant alerts for rockwell automation studio 5000 logix designer

Be the first to know when new unknown vulnerabilities affecting rockwell automation studio 5000 logix designer are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Rockwell Automation / Studio 5000 Logix Designer
V36.00, 35.00,35.01, 34.00-34.03, 33.00-33.03, 32.00-32.04 and older

References

NVD ↗ CVE.org ↗ EPSS Data ↗
rockwellautomation.com: https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1783.html