Primary

Context

Rockwell Automation Studio 5000 Simulation Interface Server-Side Request Forgery Vulnerability

Vulnerability

A local server-side request forgery (SSRF) vulnerability has been identified in Rockwell Automation's Studio 5000 Simulation Interface, affecting version 2.02 and prior. This vulnerability allows any Windows user on the system to send outbound SMB requests, potentially capturing NTLM hashes.

Impact

Exploitation of this vulnerability allows for server-side request forgery, with the possibility of intercepting NTLM authentication hashes.

Remediation

Users can upgrade to version 3.0.0 to address this vulnerability. Instructions for downloading the updated version are available on the Rockwell Automation Compatibility Center.

Added: Nov 11, 2025, 2:20 PM

Updated: Nov 11, 2025, 2:20 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

3.3

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

3.3

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Rockwell Automation Studio 5000 Simulation Interface Server-Side Request Forgery Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating