CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-29460 – Rockwell Automation Arena Simulation Software Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-29460
09 May 2023 — An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow potentially resulting in a complete loss of confidentiality, integrity, and availability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. User interaction is required to expl... • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139391 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2019-13527 – Rockwell Automation Arena Simulation DOE File Parsing Uninitialized Pointer Dereference Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-13527
24 Sep 2019 — In Rockwell Automation Arena Simulation Software Cat. 9502-Ax, Versions 16.00.00 and earlier, a maliciously crafted Arena file opened by an unsuspecting user may result in the use of a pointer that has not been initialized. En Rockwell Automation Arena Simulación Software Cat. 9502-Axe, versiones 16.00.00 y anteriores, un archivo Arena diseñado con fines maliciosos abierto por parte de un usuario desprevenido puede resultar en el uso de un puntero que no ha sido inicializado. This vulnerability allows remot... • https://www.us-cert.gov/ics/advisories/icsa-19-213-05 • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-13521 – Rockwell Automation Arena Simulation DOE File Insufficient UI Warning Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-13521
09 Sep 2019 — A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena Simulation Software to address the reported vulnerabilities. Un archivo de programa diseñado con fines maliciosos abierto por parte de un usuario desprevenido de Rockwell Automation Arena Simulation Software versión 16.00.... • https://www.us-cert.gov/ics/advisories/icsa-19-213-05 • CWE-357: Insufficient UI Warning of Dangerous Operations •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-13519 – Rockwell Automation Arena Simulation DOE File Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-13519
09 Sep 2019 — A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena Simulation Software to address the reported vulnerabilities. Un archivo de programa creado con fines maliciosos abierto por parte de un usuario desprevenido de Rockwell Automation Arena Simulation Software versión 16.00.00... • https://www.us-cert.gov/ics/advisories/icsa-19-213-05 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2019-13510 – Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-13510
15 Aug 2019 — Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE AFTER FREE CWE-416. A maliciously crafted Arena file opened by an unsuspecting user may result in the application crashing or the execution of arbitrary code. Rockwell Automation Arena Simulation Software versiones 16.00.00 y anteriores, contiene una vulnerabilidad de USO DE MEMORIA PREVIAMENTE LIBERADA CWE-416. Un archivo Arena diseñado maliciosamente abierto por parte de un usuario desprevenido puede resultar en el b... • https://www.us-cert.gov/ics/advisories/icsa-19-213-05 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-13511 – Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-13511
15 Aug 2019 — Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain an INFORMATION EXPOSURE CWE-200. A maliciously crafted Arena file opened by an unsuspecting user may result in the limited exposure of information related to the targeted workstation. Rockwell Automation Arena Simulation Software versiones 16.00.00 y anteriores, contienen una EXPOSICIÓN DE INFORMACIÓN CWE-200. Un archivo Arena creado con fines maliciosos abierto por parte de un usuario desprevenido puede resultar en la expos... • https://www.us-cert.gov/ics/advisories/icsa-19-213-05 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-416: Use After Free •