1. EXECUTIVE SUMMARY
- CVSS v3 7.8
- ATTENTION: Low attack complexity
- Vendor: Rockwell Automation
- Equipment: Arena
- Vulnerabilities: Out-of-Bounds Read, Access of Uninitialized Pointer
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code by using a memory buffer overflow or using an uninitialized pointer in the application.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Arena simulation software are affected:
- Arena: Version 16.20.00001
3.2 VULNERABILITY OVERVIEW
3.2.1 OUT OF BOUNDS READ CWE-125
Version 16.20 of Rockwell Automation’s Arena software contains an out-of-bounds read vulnerability when certain malformed files are processed. An attacker with local access could utilize this to potentially leak memory or achieve arbitrary code execution.
CVE-2023-27854 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.2 ACCESS OF UNINITIALIZED POINTER CWE-824
Version 16.20 of Rockwell Automation’s Arena software contains an uninitialized pointer when certain malformed files are processed. A local attacker who has properly prepared a malformed file may be able to point to a predetermined location in memory and execute arbitrary code.
CVE-2023-27858 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (
This article has been indexed from All CISA Advisories