Rockwell Automation RSLinx Classic < 4.00.01 Local Privilege Escalation
Medium Nessus Plugin ID 110534
SynopsisAn application running on the remote host is affected by a local privilege escalation vulnerability.
DescriptionThe remote host has a version of RSLinx Classic installed that is prior to 4.00.01. It is, therefore, affected by a local privilege escalation vulnerability due to an unquoted path for a Windows service.
A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service.
SolutionUpgrade to Rockwell Automation RSLinx Classic version 4.00.01 or later.