A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CCWDEVESE, and 9328-CCWDEVPTE; and Connected Components Workbench - Free Standard Edition (All Supported Languages), v9.01.00 and earlier. Certain DLLs included with versions of CCW software can be potentially hijacked to allow an attacker to gain rights to a victim's affected personal computer. Such access rights can be at the same or potentially higher level of privileges as the compromised user account, including and up to computer administrator privileges.
2017-05-19T03:29:00.293
2025-04-20T01:37:25.860
Deferred
CVSSv3.0: 7.0 (HIGH)
AV:L/AC:H/Au:N/C:C/I:C/A:C
1.9
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | rockwellautomation | connected_components_workbench | ≤ 9.01.00 | Yes |
| Hardware | rockwellautomation | 9328-ccwdevdee | - | No |
| Hardware | rockwellautomation | 9328-ccwdevene | - | No |
| Hardware | rockwellautomation | 9328-ccwdevese | - | No |
| Hardware | rockwellautomation | 9328-ccwdevfre | - | No |
| Hardware | rockwellautomation | 9328-ccwdevite | - | No |
| Hardware | rockwellautomation | 9328-ccwdevpte | - | No |
| Hardware | rockwellautomation | 9328-ccwdevzhe | - | No |
| Operating System | rockwellautomation | connected_components_workbench | ≤ 9.01.00 | Yes |