All news with #aadvance-trusted sis workstation tag

AADvance Trusted SIS Workstation: Rockwell Automation Flaw

⚠️ Rockwell Automation's AADvance-Trusted SIS Workstation has a directory traversal vulnerability (CWE-22) in DotNetZip (v1.16.0 and earlier) that can enable remote code execution if a user opens a crafted file. The issue is tracked as CVE-2024-48510 and has a CVSS v4 base score of 8.6 (CVSS v3.1 8.8). Affected versions are 2.00.00 through 2.00.04; Rockwell reports the defect is corrected in Version 2.01.00. Users unable to immediately upgrade should follow vendor guidance, minimize network exposure of control devices, isolate control networks, use secure remote access, and contact Rockwell support for assistance.