IM
IronMonkey Threat Research

CVE-2024-12130 HIGH

Published: 2024-12-05 | Last Modified: 2024-12-17 | Status: Analyzed

Description

An “out of bounds read” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to read beyond the boundaries of an allocated memory. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor.

Additional Descriptions (1)

Existe una vulnerabilidad de ejecución de código de “out of bounds read” en Rockwell Automation Arena® que podría permitir que un actor de amenazas manipule un archivo DOE y obligue al software a leer más allá de los límites de una memoria asignada. Si se explota, un actor de amenazas podría aprovechar esta vulnerabilidad para ejecutar código arbitrario. Para explotar esta vulnerabilidad, un usuario legítimo debe ejecutar el código malicioso manipulado por el actor de amenazas.

CVSS Metrics

Base Score: 7.8 (HIGH)

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack VectorLOCAL
Attack ComplexityLOW
Privileges RequiredNONE
User InteractionREQUIRED
ScopeUNCHANGED
Confidentiality ImpactHIGH
Integrity ImpactHIGH
Availability ImpactHIGH

Source: [email protected]

Type: Primary

Exploitability Score: 1.8

Impact Score: 5.9

Base Score: 8.5 (HIGH)

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack VectorLOCAL
Attack ComplexityLOW
Attack RequirementsNONE
Privileges RequiredNONE
User InteractionPASSIVE
Vulnerability ConfidentialityHIGH
Vulnerability IntegrityHIGH
Vulnerability AvailabilityHIGH
Subsequent ConfidentialityNONE
Subsequent IntegrityNONE
Subsequent AvailabilityNONE

Source: [email protected]

Type: Secondary

Weaknesses

Source Type Description
[email protected] Secondary
en CWE-125
[email protected] Primary
en CWE-125

Affected Products

Vendor Product Version Update Type
rockwellautomation arena * <built-in method update of dict object at 0x72a9cc626f00> Application

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:a:rockwellautomation:arena:*:*:*:*:*:*:*:*

References

Notification
Message here