First published: Thu Aug 15 2019(Updated: )
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE AFTER FREE CWE-416. A maliciously crafted Arena file opened by an unsuspecting user may result in the application crashing or the execution of arbitrary code.
Credit: ics-cert@hq.dhs.gov ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Arena Simulation Software | <=16.00.00 | |
Rockwell Automation Arena Simulation | ||
Rockwellautomation Arena | <=16.00.00 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-13510 is a vulnerability that allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation.
To exploit this vulnerability, user interaction is required, such as visiting a malicious page or opening a malicious file.
The affected software of CVE-2019-13510 is Rockwell Automation Arena Simulation.
CVE-2019-13510 has a severity rating of 7.8 (High).
To mitigate this vulnerability, it is recommended to ensure that software and systems are updated to the latest version provided by Rockwell Automation.