Filtered by vendor Rockwellautomation
Subscriptions
Filtered by product Arena
Subscriptions
Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-13519 | 1 Rockwellautomation | 1 Arena | 2024-12-17 | 7.8 High |
| A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena Simulation Software to address the reported vulnerabilities. | ||||
| CVE-2024-11155 | 1 Rockwellautomation | 1 Arena | 2024-12-06 | 7.8 High |
| A “use after free” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to use a resource that was already used. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor. | ||||
| CVE-2024-11158 | 1 Rockwellautomation | 1 Arena | 2024-12-06 | 6.7 Medium |
| An “uninitialized variable” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to access a variable before it being initialized. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor. | ||||
| CVE-2018-8843 | 1 Rockwellautomation | 1 Arena | 2024-11-21 | N/A |
| Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data.. | ||||