CVE-2023-29462

CVE-2023-29462 affects Rockwell Automation Arena Simulation Software. A heap-based memory buffer overflow in Arena can lead to arbitrary code execution. ZDI reports remote code execution via DOE file parsing with required user interaction (user must open a malicious page/file). ICS/CISA advisorie...

CVE-2023-29461

CVE-2023-29461 affects Rockwell Automation Arena Simulation Software. The issue is described as a memory buffer overflow in the heap that could allow a malicious user to execute arbitrary code within the affected software. Public sources document variants including a file-parsing path (DOE files)...

CVE-2023-29461 Rockwell Automation Arena Simulation Software Remote Code Execution Vulnerability

An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. potentially resulting in a complet...

CVE-2023-29461 Rockwell Automation Arena Simulation Software Remote Code Execution Vulnerability

An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. potentially resulting in a complet...

CVE-2023-29460

Rockwell Automation Arena Simulation Software (v16.x) is affected by CVE-2023-29460 due to a parsing-time memory buffer overflow in DOE file processing, allowing arbitrary code execution. Affected versions include v16.00 and, per ICS/CISA guidance, v16.20.01; the issue can be triggered by process...

CVE-2023-29460 Rockwell Automation Arena Simulation Software Remote Code Execution Vulnerability

An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow potentially resulting in a complete loss of...

CVE-2023-29460 Rockwell Automation Arena Simulation Software Remote Code Execution Vulnerability

An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow potentially resulting in a complete loss of...

PT-2023-12577 · Amd · 2Nd Gen Amd Epyc™ +41

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to insufficient input validation in the SMU, which may allow a privileged attacker to write beyond the intended bounds of a shared...

Siemens Solid Edge

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

CVE-2022-25713

Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key...

Design/Logic Flaw

Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key...

CVE-2022-25713

CVE-2022-25713 describes a memory corruption issue in Automotive modules caused by improper restriction of operations within the bounds of a memory buffer while exporting a shared key. The vulnerability affects Qualcomm/Automotive components and is characterized by a local attack surface with low...

Siemens SIMATIC NET CP Modules Improper Restriction of Operations Within the Bounds of a Memory Buffer (CVE-2021-33737)

A vulnerability has been identified in SIMATIC CP 343-1 incl. SIPLUS variants All versions, SIMATIC CP 343-1 Advanced incl. SIPLUS variants All versions, SIMATIC CP 343-1 ERPC All versions, SIMATIC CP 343-1 Lean incl. SIPLUS variants All versions, SIMATIC CP 443-1 All versions V3.3, SIMATIC CP...

Siemens SIMATIC S7-1500 Improper Restriction of Operations Within the Bounds of a Memory Buffer (CVE-2020-0591)

Improper buffer restrictions in BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

CVE-2023-25755

Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer CWE-119 due to improper check of its data size when processing a project file. If a user of Screen Creator Advance 2 opens a specially crafted project...

CVE-2023-25755

Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer CWE-119 due to improper check of its data size when processing a project file. If a user of Screen Creator Advance 2 opens a specially crafted project...

Out-of-bounds

Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer CWE-119 due to improper check of its data size when processing a project file. If a user of Screen Creator Advance 2 opens a specially crafted project...

PT-2023-3074 · 3S Smart Software Solutions · Codesys Control

Name of the Vulnerable Software and Affected Versions: CODESYS Control versions affected versions not specified Description: The issue is related to an improper restriction of operations within the bounds of a memory buffer, which can be exploited by a remote attacker with user privileges to gain...

VulnCheck KEV: CVE-2021-22713

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION8650, ION8800, ION7650, ION7700/73xx, and ION83xx/84xx/85xx/8600 see security notifcation for affected versions, which could cause the meter to reboot...

CVE-2023-25755

Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer CWE-119 due to improper check of its data size when processing a project file. If a user of Screen Creator Advance 2 opens a specially crafted project...