CVE-2014-9209
Summary
| CVE | CVE-2014-9209 |
|---|---|
| State | PUBLISHED |
| Assigner | icscert |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2015-03-31 01:59:19 UTC |
| Updated | 2026-05-06 22:30:45 UTC |
| Description | Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View Studio 8.00.00 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. |
Risk And Classification
Primary CVSS: v2.0 6.9 from [email protected]
AV:L/AC:M/Au:N/C:C/I:C/A:C
Problem Types: NVD-CWE-Other | n/a
CVSS v2.0 Breakdown
Access Vector
LocalAccess Complexity
MediumAuthentication
NoneConfidentiality
CompleteIntegrity
CompleteAvailability
CompleteAV:L/AC:M/Au:N/C:C/I:C/A:C
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Rockwellautomation | Factorytalk Services Platform | All | All | All | All |
| Application | Rockwellautomation | Factorytalk View Studio | All | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Rockwell Automation FactoryTalk DLL Hijacking Vulnerabilities | ICS-CERT | af854a3a-2127-422b-91ae-364da2661108 | ics-cert.us-cert.gov | Third Party Advisory, US Government Resource |
| This is the Legacy Answer page, redirecting you to the new page. | af854a3a-2127-422b-91ae-364da2661108 | rockwellautomation.custhelp.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.