Vulnerabilities > CVE-2019-13511 - Use After Free vulnerability in Rockwellautomation Arena Simulation Software 16.00.00
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain an INFORMATION EXPOSURE CWE-200. A maliciously crafted Arena file opened by an unsuspecting user may result in the limited exposure of information related to the targeted workstation.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Common Weakness Enumeration (CWE)
References
- https://www.us-cert.gov/ics/advisories/icsa-19-213-05
- https://www.zerodayinitiative.com/advisories/ZDI-20-814/
- https://www.zerodayinitiative.com/advisories/ZDI-20-812/
- https://www.zerodayinitiative.com/advisories/ZDI-20-813/
- https://www.zerodayinitiative.com/advisories/ZDI-20-810/
- https://www.zerodayinitiative.com/advisories/ZDI-20-811/