Vulnerabilities > CVE-2018-8843 - Use After Free vulnerability in Rockwellautomation Arena

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

rockwellautomation

CWE-416

NVD

Published: 2018-05-14

Updated: 2019-10-09

Summary

Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data..

Vulnerable Configurations

Part	Description	Count
Application	Rockwellautomation Rockwellautomation Arena 2.00.00 Rockwellautomation Arena 2.50.00 Rockwellautomation Arena 3.00.00 Rockwellautomation Arena 8.01.00 Rockwellautomation Arena 9.00.00 Rockwellautomation Arena 10.00.00 Rockwellautomation Arena 11.00.00 Rockwellautomation Arena 12.00.00 Rockwellautomation Arena 13.00.00 Rockwellautomation Arena 13.50.00 Rockwellautomation Arena 13.90.00 Rockwellautomation Arena 14.00.00 Rockwellautomation Arena 14.00.01 Rockwellautomation Arena 14.50.00 Rockwellautomation Arena 14.70.00 Rockwellautomation Arena 15.00.00 Rockwellautomation Arena 15.10.00	17

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References