Vulnerabilities > Rockwellautomation > Arena > 15.10.01
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-19 | CVE-2024-11157 | Out-of-bounds Write vulnerability in Rockwellautomation Arena A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. | 7.3 |
| 2024-12-19 | CVE-2024-12175 | Use After Free vulnerability in Rockwellautomation Arena Another “use after free” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to use a resource that was already used. | 7.8 |
| 2024-12-05 | CVE-2024-11156 | Out-of-bounds Write vulnerability in Rockwellautomation Arena An “out of bounds write” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. | 7.8 |
| 2024-12-05 | CVE-2024-12130 | Out-of-bounds Read vulnerability in Rockwellautomation Arena An “out of bounds read” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to read beyond the boundaries of an allocated memory. | 7.8 |
| 2023-10-27 | CVE-2023-27854 | Out-of-bounds Read vulnerability in Rockwellautomation Arena An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. | 7.8 |
| 2023-10-27 | CVE-2023-27858 | Access of Uninitialized Pointer vulnerability in Rockwellautomation Arena Rockwell Automation Arena Simulation contains an arbitrary code execution vulnerability that could potentially allow a malicious user to commit unauthorized code to the software by using an uninitialized pointer in the application. | 7.8 |