CVE-2026-9128
Studio 5000 Logix Designer® – Multiple Vulnerabilities
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
A code execution security issue exists within Studio 5000 Logix Designer® due to an unquoted search path in the External Tools configuration. The executable paths specified in the external tools configuration file are not properly quoted, and because these paths contain spaces, the operating system may resolve them to unintended executables placed earlier in the search order. If exploited, an attacker could plant a malicious executable in a location within the search path, resulting in arbitrary code execution with the same permissions of the user running the application.
| CWE | CWE-428 |
| Vendor | rockwell automation |
| Product | studio 5000 logix designer |
| Published | Jul 14, 2026 |
| Last Updated | Jul 14, 2026 |
Stay Ahead of the Next One
Get instant alerts for rockwell automation studio 5000 logix designer
Be the first to know when new unknown vulnerabilities affecting rockwell automation studio 5000 logix designer are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
Rockwell Automation / Studio 5000 Logix Designer
V35.00, 34.00-34.02, 33.00-33.02, 32.00-32.04 and older