{“lastseen”:””,”description”:”A local code execution security issue exists within Studio 5000\u00ae Simulation Interface\u2122 via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot.”,”published”:”2025-11-11T13:49:49.524Z”,”modified”:”2025-11-11T13:49:49.524Z”,”type”:”cve”,”title”:”Studio 5000 \u00ae Simulation Interface Local Code Execution”,”source”:”Rockwell”,”references”:”https:\/\/www.rockwellautomation.com\/en-us\/trust-center\/security-advisories\/advisory.SD1760.html”,”id”:”CVE-2025-11697″,”bulletinFamily”:””,”cwe”:[“CWE-200″],”cvelist”:null,”sourceData”:”Rockwell Automation Studio 5000 \u00ae Simulation Interface 2.02 and prior”,”sourceHref”:””,”cvss”:{“score”:8.9,”severity”:”HIGH”,”vector”:”CVSS:4.0\/AV:L\/AC:L\/AT:P\/PR:N\/UI:N\/VC:H\/VI:H\/VA:H\/SC:H\/SI:H\/SA:H”,”version”:”4.0″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Studio 5000 \u00ae Simulation Interface”,”version”:”2.02 and prior”,”vendor”:”Rockwell Automation”,”ai_description”:”Local code execution vulnerability in Studio 5000 Simulation Interface via API, allowing execution of scripts with Administrator privileges”,”ai_severity”:”High”,”ai_vendor”:”Rockwell Automation”,”ai_product”:”Studio 5000 Simulation Interface”,”ai_version”:”2.02 and prior”,”ai_score”:8.9}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”A local code execution security issue exists within Studio 5000\u00ae Simulation Interface\u2122 via the API. This vulnerability allows any Windows user on the system to…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,113,12,15,13,7,11,5],"class_list":["post-25895","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-89","tag-exploit","tag-high","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n