IM
IronMonkey Threat Research

CVE-2024-11156 HIGH

Published: 2024-12-05 | Last Modified: 2024-12-17 | Status: Analyzed

Description

An “out of bounds write” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor.

Additional Descriptions (1)

Existe una vulnerabilidad de ejecución de código de “out of bounds read” en Rockwell Automation Arena® que podría permitir que un actor de amenazas escriba más allá de los límites de la memoria asignada en un archivo DOE. Si se explota, un actor de amenazas podría aprovechar esta vulnerabilidad para ejecutar código arbitrario. Para explotar esta vulnerabilidad, un usuario legítimo debe ejecutar el código malicioso manipulado por el actor de amenazas.

CVSS Metrics

Base Score: 7.8 (HIGH)

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack VectorLOCAL
Attack ComplexityLOW
Privileges RequiredNONE
User InteractionREQUIRED
ScopeUNCHANGED
Confidentiality ImpactHIGH
Integrity ImpactHIGH
Availability ImpactHIGH

Source: [email protected]

Type: Primary

Exploitability Score: 1.8

Impact Score: 5.9

Base Score: 8.5 (HIGH)

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack VectorLOCAL
Attack ComplexityLOW
Attack RequirementsNONE
Privileges RequiredNONE
User InteractionPASSIVE
Vulnerability ConfidentialityHIGH
Vulnerability IntegrityHIGH
Vulnerability AvailabilityHIGH
Subsequent ConfidentialityNONE
Subsequent IntegrityNONE
Subsequent AvailabilityNONE

Source: [email protected]

Type: Secondary

Weaknesses

Source Type Description
[email protected] Secondary
en CWE-787
[email protected] Primary
en CWE-787

Affected Products

Vendor Product Version Update Type
rockwellautomation arena * <built-in method update of dict object at 0x72a9cc6274c0> Application

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:a:rockwellautomation:arena:*:*:*:*:*:*:*:*

References

Notification
Message here