CVE-2024-21918 Rockwell Automation Arena Simulation Vulnerable To Memory Corruption

A memory buffer vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory and triggering an access violation. Once inside, the threat actor can run harmful code on the system. This...

CVE-2024-21918

Rockwell Automation Arena Simulation Software (Arena Simulation) is affected by CVE-2024-21918, a memory corruption vulnerability in the memory handling (memory corruption/overflow) that could allow an attacker to execute arbitrary code after opening a malicious file. Affected product: Arena Simu...

CVE-2024-21913 Rockwell Automation Arena Simulation Vulnerable To Memory Corruption

A heap-based memory buffer overflow vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code into the software by overstepping the memory boundaries, which triggers an access violation. Once inside, the threat actor can ru...

CVE-2024-21913 Rockwell Automation Arena Simulation Vulnerable To Memory Corruption

A heap-based memory buffer overflow vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code into the software by overstepping the memory boundaries, which triggers an access violation. Once inside, the threat actor can ru...

CVE-2024-21913

Summary: Rockwell Automation Arena Simulation Software is affected by a heap-based memory buffer overflow vulnerability (CWE-122) that can allow a malicious user to run arbitrary code by overstepping memory boundaries, triggered by opening a malicious file. Affected product: Arena Simulation Soft...

CVE-2024-21912 Rockwell Automation Arena Simulation vulnerable to out of bounds write

An arbitrary code execution vulnerability in Rockwell Automation Arena Simulation could let a malicious user insert unauthorized code into the software. This is done by writing beyond the designated memory area, which causes an access violation. Once inside, the threat actor can run harmful code ...

CVE-2024-21912

Rockwell Automation Arena Simulation Software (Arena Simulation) is affected by CVE-2024-21912 (out-of-bounds write / arbitrary code execution). The vulnerability arises from writing beyond designated memory, causing an access violation and allowing code execution when a user opens a malicious fi...

CVE-2024-21912 Rockwell Automation Arena Simulation vulnerable to out of bounds write

An arbitrary code execution vulnerability in Rockwell Automation Arena Simulation could let a malicious user insert unauthorized code into the software. This is done by writing beyond the designated memory area, which causes an access violation. Once inside, the threat actor can run harmful code ...

Rockwell Automation Arena Simulation

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : low attack complexity Vendor : Rockwell Automation Equipment : Arena Simulation Software Vulnerabilities : Out-of-bounds Write, Heap-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer, Use After...

Rockwell Automation Arena Simulation Software 缓冲区错误漏洞

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. An uninitialized pointer access vulnerability exists in Rockwell Automation Arena Simulation Software, which can be exploited by an attack...

Rockwell Automation Arena Simulation Software 缓冲区错误漏洞

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A security vulnerability exists in Rockwell Automation Arena Simulation Software that originated from allowing an attacker to insert...

PT-2024-2517 · Rockwell Automation · Rockwell Automation Arena Simulation

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena Simulation affected versions not specified Description: A heap-based memory buffer overflow vulnerability could potentially allow a malicious user to insert unauthorized code into the software by overstepping the...

Fortinet FortiOS Buffer Overflow Vulnerability (CNVD-2024-13748)

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A buffer overflow vulnerability...

CVE-2024-28181

CVE-2024-28181 affects the TurboBoost Commands library. The issue is an insufficiently robust permission check that can allow an attacker to invoke more public methods on Command classes than intended, risking arbitrary code execution within affected applications. Concrete details in connected so...

Fortinet FortiManager Access Control Error Vulnerability (CNVD-2024-13750)

Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices, and can group devices into different management domains ADOM to further simplify the deployment and management of multi-device...

Fortinet FortiClientEMS CSV Injection Vulnerability

Fortinet FortiClientEMS is part of Fortinet's Endpoint Management solution from Fortinet, a U.S.-based company, and is designed to help organizations effectively manage endpoint devices in their networks and provide monitoring and control of endpoint security. Fortinet FortiClientEMS suffers from...

Fortinet FortiOS and FortiProxy Buffer Overflow Vulnerability

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A buffer overflow vulnerability...

Fortinet FortiClient EMS 7.0.x < 7.0.11 / 7.2.x < 7.2.3 (FG-IR-24-007)

The version of Fortinet FortiClient EMS installed on the remote host is prior to 7.0.11 or 7.2.3. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-007 advisory. - A improper neutralization of special elements used in an sql command 'sql injection' in Fortinet...

CVE-2023-42790

A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands...

CVE-2023-48788

A improper neutralization of special elements used in an sql command 'sql injection' in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets...