CVE-2018-8843 – Rockwell Automation Arena File Parsing SmAnim Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-8843
Rockwell Automation Arena versions 15.10.00 and prior contain a use-after-free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Rockwell Automation Arena. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of an Arena Model file. The issue results from the lack of validating the existence of an object prior to performing operations on the object.
• http://www.securityfocus.com/bid/104166 https://ics-cert.us-cert.gov/advisories/ICSA-18-130-02
• CWE-416: Use After Free
CVE-2017-6015
https://notcve.org/view.php?id=CVE-2017-6015
Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable. This may allow an authorized, but not privileged local user to execute arbitrary code with elevated privileges on the system. CVSS v3 base score: 8.8, CVSS vector string: (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). Rockwell Automation has released a new version of FactoryTalk Activation, Version 4.01, which addresses the identified vulnerability. Rockwell Automation recommends upgrading to the latest version of FactoryTalk Activation, Version 4.01 or later.
• http://www.securityfocus.com/bid/96996 https://ics-cert.us-cert.gov/advisories/ICSA-17-047-02 https://rockwellautomation.custhelp.com/app/answers/detail/a_id/939382
• CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-428: Unquoted Search Path or Element
CVE-2017-14466
https://notcve.org/view.php?id=CVE-2017-14466
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability.
Required Keyswitch State: REMOTE or PROG
Description: The filetype 0x03 allows users write access, allowing the ability to overwrite the Master Password value stored in the file.
• https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0443
CVE-2017-14465
https://notcve.org/view.php?id=CVE-2017-14465
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability.
Required Keyswitch State: REMOTE
Description: Any input or output can be forced, causing unpredictable activity from the PLC.
• https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0443
CVE-2017-12089
https://notcve.org/view.php?id=CVE-2017-12089
An exploitable denial of service vulnerability exists in the program download functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a device fault resulting in halted operations. An attacker can send an unauthenticated packet to trigger this vulnerability.
• https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0441