An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the affected workstation.
[
{
"product": "Rockwell Automation RSLinx Classic and FactoryTalk Linx Gateway",
"vendor": "ICS-CERT",
"versions": [
{
"status": "affected",
"version": "RSLinx Classic Versions 3.90.01 and prior, FactoryTalk Linx Gateway Versions 3.90.00 and prior."
}
]
}
]