Rockwellautomation: Security Vulnerabilities
A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor.
CVSS Score
7.3
EPSS Score
0.0
Published
2024-12-19
An “out of bounds write” code execution vulnerability exists in the
Rockwell Automation Arena®
that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-12-05
An “uninitialized variable” code execution vulnerability exists in the
Rockwell Automation Arena®
that could allow a threat actor to craft a DOE file and force the software to access a variable before it being initialized. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor.
CVSS Score
6.7
EPSS Score
0.0
Published
2024-12-05
An “out of bounds read” code execution vulnerability exists in the Rockwell Automation Arena®
that could allow a threat actor to craft a DOE file and force the software to read beyond the boundaries of an allocated memory. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-12-05
A “use after free” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to use a resource that was already used. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-12-05
A remote code execution vulnerability exists in the affected
product. The vulnerability allows users to save projects within the public
directory allowing anyone with local access to modify and/or delete files. Additionally,
a malicious user could potentially leverage this vulnerability to escalate
their privileges by changing the macro to execute arbitrary code.
CVSS Score
7.3
EPSS Score
0.0
Published
2024-11-12
CVE-2024-10387 IMPACT
A Denial-of-Service
vulnerability exists in the affected product. The vulnerability could allow a
threat actor with network access to send crafted messages to the device,
potentially resulting in Denial-of-Service.
CVSS Score
7.5
EPSS Score
0.044
Published
2024-10-25
CVE-2024-10386 IMPACT
An authentication
vulnerability exists in the affected product. The vulnerability could allow a
threat actor with network access to send crafted messages to the device, potentially
resulting in database manipulation.
CVSS Score
9.8
EPSS Score
0.026
Published
2024-10-25
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-10-14
VULNERABILITY DETAILS
Rockwell Automation used the latest versions of the CVSS scoring system to assess the following vulnerabilities. The following vulnerabilities were reported to us by Sharon Brizinov of Claroty Research - Team82.
A feature in the affected products enables users to prepare a project file with an embedded VBA script and can be configured to run once the project file has been opened without user intervention. This feature can be abused to trick a legitimate user into executing malicious code upon opening an infected RSP/RSS project file. If exploited, a threat actor may be able to perform a remote code execution. Connected devices may also be impacted by exploitation of this vulnerability.
CVSS Score
7.7
EPSS Score
0.003
Published
2024-10-14