Rockwell Automation Arena® suffers from a stack-based buffer overflow vulnerability. The specific flaw exists within the parsing of DOE files. Local attackers are able to exploit this issue to potentially execute arbitrary code on affected installations of Arena®. Exploiting the vulnerability requires opening a malicious DOE file.
oryginał ENCVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XRockwellautomation Arena
APPRockwellautomation< 16.20.11
Powiązane podatności
A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simula...
A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simula...
A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simula...
A remote code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE file can force...
A remote code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE file can force...