Information disclosure in Rockwell Automation Studio 5000 ® Simulation Interface

CVE-2025-11697

A local code execution security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts…

Vulnerability class: Information Disclosure

EPSS: 0.001 (2.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References