CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-11364

Another “uninitialized variable” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to access a variable prior to it being initialized. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.1%

CVSS Severity

CVSS v3 Score 7.3

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1713.html

Products affected by CVE-2024-11364

Rockwellautomation » Arena » Version: N/A

cpe:2.3:a:rockwellautomation:arena:-
Rockwellautomation » Arena » Version: 10.00.00

cpe:2.3:a:rockwellautomation:arena:10.00.00
Rockwellautomation » Arena » Version: 11.00.00

cpe:2.3:a:rockwellautomation:arena:11.00.00
Rockwellautomation » Arena » Version: 12.00.00

cpe:2.3:a:rockwellautomation:arena:12.00.00
Rockwellautomation » Arena » Version: 13.00.00

cpe:2.3:a:rockwellautomation:arena:13.00.00
Rockwellautomation » Arena » Version: 13.50.00

cpe:2.3:a:rockwellautomation:arena:13.50.00
Rockwellautomation » Arena » Version: 13.90.00

cpe:2.3:a:rockwellautomation:arena:13.90.00
Rockwellautomation » Arena » Version: 14.00.00

cpe:2.3:a:rockwellautomation:arena:14.00.00
Rockwellautomation » Arena » Version: 14.00.01

cpe:2.3:a:rockwellautomation:arena:14.00.01
Rockwellautomation » Arena » Version: 14.50.00

cpe:2.3:a:rockwellautomation:arena:14.50.00
Rockwellautomation » Arena » Version: 14.70.00

cpe:2.3:a:rockwellautomation:arena:14.70.00
Rockwellautomation » Arena » Version: 15.00.00

cpe:2.3:a:rockwellautomation:arena:15.00.00
Rockwellautomation » Arena » Version: 15.10.00

cpe:2.3:a:rockwellautomation:arena:15.10.00
Rockwellautomation » Arena » Version: 15.10.01

cpe:2.3:a:rockwellautomation:arena:15.10.01
Rockwellautomation » Arena » Version: 16.00.00

cpe:2.3:a:rockwellautomation:arena:16.00.00
Rockwellautomation » Arena » Version: 16.00.01

cpe:2.3:a:rockwellautomation:arena:16.00.01
Rockwellautomation » Arena » Version: 16.10.00

cpe:2.3:a:rockwellautomation:arena:16.10.00
Rockwellautomation » Arena » Version: 16.20.00

cpe:2.3:a:rockwellautomation:arena:16.20.00
Rockwellautomation » Arena » Version: 16.20.01

cpe:2.3:a:rockwellautomation:arena:16.20.01
Rockwellautomation » Arena » Version: 16.20.02

cpe:2.3:a:rockwellautomation:arena:16.20.02
Rockwellautomation » Arena » Version: 16.20.03

cpe:2.3:a:rockwellautomation:arena:16.20.03
Rockwellautomation » Arena » Version: 16.20.04

cpe:2.3:a:rockwellautomation:arena:16.20.04
Rockwellautomation » Arena » Version: 16.20.05

cpe:2.3:a:rockwellautomation:arena:16.20.05
Rockwellautomation » Arena » Version: 16.20.06

cpe:2.3:a:rockwellautomation:arena:16.20.06
Rockwellautomation » Arena » Version: 16.20.07

cpe:2.3:a:rockwellautomation:arena:16.20.07
Rockwellautomation » Arena » Version: 16.20.08

cpe:2.3:a:rockwellautomation:arena:16.20.08
Rockwellautomation » Arena » Version: 16.20.09

cpe:2.3:a:rockwellautomation:arena:16.20.09
Rockwellautomation » Arena » Version: 2.00.00

cpe:2.3:a:rockwellautomation:arena:2.00.00
Rockwellautomation » Arena » Version: 2.50.00

cpe:2.3:a:rockwellautomation:arena:2.50.00
Rockwellautomation » Arena » Version: 3.00.00

cpe:2.3:a:rockwellautomation:arena:3.00.00
Rockwellautomation » Arena » Version: 8.01.00

cpe:2.3:a:rockwellautomation:arena:8.01.00
Rockwellautomation » Arena » Version: 9.00.00

cpe:2.3:a:rockwellautomation:arena:9.00.00
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-11364

Products

Pricing

Contact Us