CVE-2023-27854
published 2023-10-27CVE-2023-27854: An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit…
PriorityP338high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
0.25%
16.5th percentile
An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. The user would need to open a malicious file provided to them by the attacker for the code to execute.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockwell_automation | arena_simulation | — | — |
| rockwellautomation | arena | < 16.20.02 | 16.20.02 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Rockwell Automation Arena
cisa_ics·2023-10-26·CVSS 7.8
[HIGH] Rockwell Automation Arena
ICS Advisory
##
Rockwell Automation Arena
Release DateOctober 26, 2023
Alert CodeICSA-23-299-04
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.8
- ATTENTION: Low attack complexity
- Vendor: Rockwell Automation
- Equipment: Arena
- Vulnerabilities: Out-of-Bounds Read, Access of Uninitialized Pointer
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code by using a memory buffer overflow or using an uninitialized pointer in the application.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Arena, a simulation software, are affected:
- Arena: Version 16.20.00001
## 3.2 Vulnerability Overview
3.2.1 OUT OF BOUNDS READ CWE-125
Version 16.20 of Rockwell Automation's A
GHSA
GHSA-cqgr-82mv-j79r: An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to com
ghsa_unreviewed·2023-10-27
CVE-2023-27854 [HIGH] CWE-125 GHSA-cqgr-82mv-j79r: An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to com
An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. The user would need to open a malicious file provided to them by the attacker for the code to execute.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-10-27
Published