FKIE_CVE-2024-21912
Vulnerability from fkie_nvd - Published: 2024-03-26 16:15 - Updated: 2024-12-17 16:16
Severity
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
An arbitrary code execution vulnerability in Rockwell Automation Arena Simulation could let a malicious user insert unauthorized code into the software. This is done by writing beyond the designated memory area, which causes an access violation. Once inside, the threat actor can run harmful code on the system. This affects the confidentiality, integrity, and availability of the product. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor.
Impacted products
| Vendor | Product | Version |
|---|---|---|
| rockwellautomation | arena | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rockwellautomation:arena:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7433512B-62BB-4412-BFBA-6EA4679B3778",
"versionEndExcluding": "16.20.03",
"versionStartIncluding": "16.00.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nAn arbitrary code execution vulnerability in Rockwell Automation Arena Simulation could let a malicious user insert unauthorized code into the software. This is done by writing beyond the designated memory area, which causes an access violation. Once inside, the threat actor can run harmful code on the system. This affects the confidentiality, integrity, and availability of the product. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor.\n\n"
},
{
"lang": "es",
"value": "Una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo arbitrario en Rockwell Automation Arena Simulation podr\u00eda permitir que un usuario malintencionado inserte c\u00f3digo no autorizado en el software. Esto se hace escribiendo m\u00e1s all\u00e1 del \u00e1rea de memoria designada, lo que provoca una infracci\u00f3n de acceso. Una vez dentro, el actor de la amenaza puede ejecutar c\u00f3digo da\u00f1ino en el sistema. Esto afecta la confidencialidad, integridad y disponibilidad del producto. Para desencadenar esto, el usuario tendr\u00eda que abrir, sin saberlo, un archivo malicioso compartido por el actor de la amenaza."
}
],
"id": "CVE-2024-21912",
"lastModified": "2024-12-17T16:16:07.373",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-26T16:15:10.440",
"references": [
{
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Broken Link"
],
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD-1665.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD-1665.html"
}
],
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.