Lucene search
K

209 matches found

NVD
NVD
added 2023/10/27 7:15 p.m.21 views

CVE-2023-27858

Rockwell Automation Arena Simulation contains an arbitrary code execution vulnerability that could potentially allow a malicious user to commit unauthorized code to the software by using an uninitialized pointer in the application. The threat-actor could then execute malicious code on the system...

7.8CVSS7.9AI score0.00249EPSS
Exploits0References1
NVD
NVD
added 2023/10/27 7:15 p.m.29 views

CVE-2023-27854

An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious code on the system...

7.8CVSS7.9AI score0.00253EPSS
Exploits0References1
Prion
Prion
added 2023/10/27 7:15 p.m.20 views

Remote code execution

Rockwell Automation Arena Simulation contains an arbitrary code execution vulnerability that could potentially allow a malicious user to commit unauthorized code to the software by using an uninitialized pointer in the application. The threat-actor could then execute malicious code on the system...

4.4CVSS7.9AI score0.00249EPSS
Exploits0References1
Prion
Prion
added 2023/10/27 7:15 p.m.22 views

Buffer overflow

An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious code on the system...

4.4CVSS7.9AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 2023/10/27 6:58 p.m.59 views

CVE-2023-27858

CVE-2023-27858 affects Rockwell Automation Arena, specifically the Arena software (e.g., version 16.20.00001 per ICS-CISA advisories). The vulnerability stems from an uninitialized pointer in the application, enabling a local attacker to execute arbitrary code by processing a malformed or malicio...

7.8CVSS7.8AI score0.00249EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/27 6:58 p.m.47 views

CVE-2023-27858 Rockwell Automation Arena® Simulation Uninitialized Pointer Vulnerability

Rockwell Automation Arena Simulation contains an arbitrary code execution vulnerability that could potentially allow a malicious user to commit unauthorized code to the software by using an uninitialized pointer in the application. The threat-actor could then execute malicious code on the system...

7.8CVSS8AI score0.00249EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/27 6:51 p.m.20 views

CVE-2023-27854 Rockwell Automation Arena® Simulation Out of Bounds Read Vulnerability

An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious code on the system...

7.8CVSS8AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 2023/10/27 6:51 p.m.65 views

CVE-2023-27854

CVE-2023-27854 affects Rockwell Automation Arena (Arena) 16.20.x; vulnerability is a memory boundary issue (out-of-bounds read) and related uninitialized pointer, triggered by processing crafted files. Exploitation could allow arbitrary code execution with local access and user interaction requir...

7.8CVSS7.9AI score0.00253EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/10/27 12:0 a.m.5 views

Rockwell Automation Arena Simulation Software 缓冲区错误漏洞

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. Rockwell Automation Arena Simulation Software suffers from a buffer overflow vulnerability that originates from a boundary error when the...

7.8CVSS8.1AI score0.00253EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/27 12:0 a.m.2 views

Rockwell Automation Arena Simulation Software 缓冲区错误漏洞

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A security vulnerability exists in Rockwell Automation Arena Simulation, which can be exploited by an attacker to submit unauthorized code...

7.8CVSS6.9AI score0.00249EPSS
Exploits0References3
CNVD
CNVD
added 2023/05/15 12:0 a.m.16 views

Rockwell Automation Arena Simulation Software Buffer Overflow Vulnerability (CNVD-2023-49821)

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A buffer overflow vulnerability exists in Rockwell Automation Arena Simulation Software, which can be exploited by an attacker to submit...

9.8CVSS7.6AI score0.0085EPSS
Exploits0References1
CNVD
CNVD
added 2023/05/15 12:0 a.m.12 views

Rockwell Automation Arena Simulation Software Buffer Overflow Vulnerability

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A buffer overflow vulnerability exists in Rockwell Automation Arena Simulation Software, which can be exploited by an attacker to remotely...

8.8CVSS7.8AI score0.009EPSS
Exploits0References1
CNVD
CNVD
added 2023/05/15 12:0 a.m.11 views

Rockwell Automation Arena Simulation Software Buffer Overflow Vulnerability (CNVD-2023-49823)

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A buffer overflow vulnerability exists in Rockwell Automation Arena Simulation Software, which can be exploited by an attacker to execute...

9.8CVSS7.6AI score0.0085EPSS
Exploits0References1
ICS
ICS
added 2023/05/12 3:7 p.m.41 views

Rockwell Automation Arena Simulation Software

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: Arena Simulation Software Vulnerabilities: Incorrect Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

9.8CVSS9.6AI score0.009EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2023/05/12 12:0 a.m.22 views

Rockwell Automation Arena Simulation DOE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS6.3AI score0.0085EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/05/12 12:0 a.m.17 views

Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS6.3AI score0.0085EPSS
Exploits0References1
CISA
CISA
added 2023/05/11 12:0 p.m.4 views

CISA Releases Fifteen Industrial Control Systems Advisories

CISA released fifteen Industrial Control Systems ICS advisories on May 11, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-131-01 Siemens Solid Edge ICSA-23-131-02 Siemens SCALANCE W1750D ICSA-23-131-03 Siemen...

7.1AI score
Exploits0References15
OSV
OSV
added 2023/05/09 2:15 p.m.6 views

CVE-2023-29460

An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow potentially resulting in a complete loss of...

9.8CVSS8AI score0.0085EPSS
Exploits0References1
NVD
NVD
added 2023/05/09 2:15 p.m.24 views

CVE-2023-29461

An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. potentially resulting in a complet...

9.8CVSS9.2AI score0.0085EPSS
Exploits0References1
NVD
NVD
added 2023/05/09 2:15 p.m.19 views

CVE-2023-29462

An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. potentially resulting in a complet...

8.8CVSS8.6AI score0.009EPSS
Exploits0References2
Rows per page
Query Builder