cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-2929,https://securityvulnerability.io/vulnerability/CVE-2024-2929,"Memory Corruption Vulnerability Threatens Confidentiality, Integrity, and Availability of Rockwell Automation Software","A vulnerability exists within Rockwell Automation's Arena Simulation software that enables a threat actor to exploit memory corruption. This exploitation allows the attacker to insert unauthorized code into the software through malicious file handling, leading to an access violation. Such actions can jeopardize the confidentiality, integrity, and availability of the affected system. Users inadvertently opening compromised files could expose their systems to potential threats and harmful consequences.",Rockwell Automation,Arena Simulation,7.8,HIGH,0.0005099999834783375,false,,false,false,false,,,false,false,,2024-03-26T15:56:31.967Z,0
CVE-2024-21920,https://securityvulnerability.io/vulnerability/CVE-2024-21920,Memory Buffer Vulnerability Could Lead to Sensitive Information Reveal and Denial of Service,"A vulnerability exists in Rockwell Automation's Arena Simulation due to a memory buffer issue that may allow a threat actor to read data beyond the intended memory limits. This exposure might lead to unauthorized disclosure of sensitive data and could also result in application crashes, leading to a denial-of-service condition. The exploitation of this vulnerability requires a user to interact with a malicious file provided by the threat actor.",Rockwell Automation,Arena Simulation,7.1,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-03-26T15:48:59.735Z,0
CVE-2024-21919,https://securityvulnerability.io/vulnerability/CVE-2024-21919,Uninitialized Pointer Vulnerability in Rockwell Automation Arena Simulation Software Could Lead to Code Injection,"An uninitialized pointer vulnerability exists in Rockwell Automation's Arena Simulation Software, which could permit unauthorized code insertion by exploiting the pointer during specific user interactions. A malicious actor may craft a harmful file that, when opened by a user, allows for execution of detrimental code within the system. This vulnerability poses substantial risks to the confidentiality, integrity, and availability of the software, underscoring the necessity for users to remain cautious about opening unsolicited files and for vendors to address such security flaws promptly.",Rockwell Automation,Arena Simulation,7.8,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-03-26T15:46:38.129Z,0
CVE-2024-21918,https://securityvulnerability.io/vulnerability/CVE-2024-21918,"Memory Buffer Vulnerability Threatens Confidentiality, Integrity, and Availability of Arena Simulation Software","A memory buffer vulnerability exists in Rockwell Automation’s Arena Simulation software, potentially allowing a malicious user to insert unauthorized code through memory corruption. By exploiting this weakness, a threat actor could trigger an access violation upon the user opening a compromised file, leading to harmful code execution on the affected system. This vulnerability jeopardizes the confidentiality, integrity, and availability of critical data and system functions, posing significant risks to users who interact with the software.",Rockwell Automation,Arena Simulation,7.8,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-03-26T15:44:33.835Z,0
CVE-2024-21913,https://securityvulnerability.io/vulnerability/CVE-2024-21913,"Heap-Based Memory Buffer Overflow Vulnerability Threatens Product Confidentiality, Integrity, and Availability","A vulnerability in the Arena Simulation software from Rockwell Automation involves a heap-based memory buffer overflow, which allows attackers to exploit memory boundaries and induce access violations. By manipulating this flaw, a malicious user can inject unauthorized code into the system. This risk becomes apparent when users unknowingly open files crafted by an attacker, enabling potential harm to the system's confidentiality, integrity, and availability.",Rockwell Automation,Arena Simulation,7.8,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-03-26T15:38:23.962Z,0
CVE-2024-21912,https://securityvulnerability.io/vulnerability/CVE-2024-21912,Arbitrary Code Execution Vulnerability in Rockwell Automation Arena Simulation Could Lead to Unauthorized Code Injection,"An arbitrary code execution vulnerability exists in Arena Simulation by Rockwell Automation, enabling attackers to write beyond the allocated memory space. This security flaw allows unauthorized code to be executed when a user opens a specially crafted malicious file. The compromise threatens the product's confidentiality, integrity, and availability, posing significant risks to systems utilizing this software. Users are advised to exercise caution with file exchanges and apply necessary security measures.",Rockwell Automation,Arena Simulation,7.8,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-03-26T15:34:35.837Z,0
CVE-2023-27858,https://securityvulnerability.io/vulnerability/CVE-2023-27858,Rockwell Automation Arena® Simulation Uninitialized Pointer Vulnerability,"Rockwell Automation Arena Simulation is susceptible to an arbitrary code execution vulnerability, which enables malicious users to exploit an uninitialized pointer within the application. This vulnerability could lead to unauthorized code execution if a user inadvertently opens a maliciously crafted file. Once executed, the code can compromise the system's confidentiality, integrity, and availability, significantly impacting the usability and security of the product.",Rockwell Automation,Arena Simulation,7.8,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2023-10-27T19:15:00.000Z,0
CVE-2023-27854,https://securityvulnerability.io/vulnerability/CVE-2023-27854,Rockwell Automation Arena® Simulation Out of Bounds Read Vulnerability,"An arbitrary code execution vulnerability in Arena Simulation allows an attacker to exploit a memory buffer overflow, potentially executing unauthorized code on affected systems. This can significantly compromise the confidentiality, integrity, and availability of the software. To become a victim, a user must open a specially crafted file from an untrusted source. Immediate action is advised to mitigate risks associated with this vulnerability.",Rockwell Automation,Arena Simulation,7.8,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2023-10-27T19:15:00.000Z,0
CVE-2023-29462,https://securityvulnerability.io/vulnerability/CVE-2023-29462,Rockwell Automation Arena Simulation Software Remote Code Execution Vulnerability,"An arbitrary code execution vulnerability has been identified in Rockwell Automation's Arena Simulation software. This issue arises from a memory buffer overflow in the heap, which could be exploited by attackers to execute unauthorized code within the software environment. Such a breach may lead to severe impacts including loss of confidentiality, integrity, and availability of affected systems, posing significant risks to user data and operations.",Rockwell Automation,Arena Simulation,7.8,HIGH,0.003269999986514449,false,,false,false,false,,,false,false,,2023-05-09T14:15:00.000Z,0
CVE-2023-29461,https://securityvulnerability.io/vulnerability/CVE-2023-29461,Rockwell Automation Arena Simulation Software Remote Code Execution Vulnerability,"An arbitrary code execution vulnerability has been identified in Rockwell Automation's Arena Simulation software. This vulnerability arises from a memory buffer overflow in the heap, which could be exploited by a malicious user to execute unauthorized code within the application. This exploitation may lead to severe consequences including a complete compromise of the application's confidentiality, integrity, and availability. Organizations using Arena Simulation are advised to review their security measures and apply necessary updates.",Rockwell Automation,Arena Simulation,7.8,HIGH,0.001500000013038516,false,,false,false,false,,,false,false,,2023-05-09T14:15:00.000Z,0
CVE-2023-29460,https://securityvulnerability.io/vulnerability/CVE-2023-29460,Rockwell Automation Arena Simulation Software Remote Code Execution Vulnerability,"An arbitrary code execution vulnerability exists in Rockwell Automation's Arena Simulation software, enabling potential attackers to execute unauthorized code through a memory buffer overflow. This flaw could lead to severe outcomes, including a complete compromise of the system's confidentiality, integrity, and availability. Organizations using Arena Simulation should prioritize assessing their exposure to this vulnerability and apply available security patches.",Rockwell Automation,Arena Simulation,7.8,HIGH,0.001500000013038516,false,,false,false,false,,,false,false,,2023-05-09T14:15:00.000Z,0