1. EXECUTIVE SUMMARY
- CVSS v3 7.8
- ATTENTION: Low attack complexity
- Vendor: Rockwell Automation
- Equipment: Arena
- Vulnerabilities: Out-of-Bounds Read, Access of Uninitialized Pointer
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code by using a memory buffer overflow or using an uninitialized pointer in the application.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Arena, a simulation software, are affected:
- Arena: Version 16.20.00001
3.2 Vulnerability Overview
3.2.1
Read the original article:
This article has been indexed from All CISA Advisories