First published: Thu Aug 15 2019(Updated: )
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain an INFORMATION EXPOSURE CWE-200. A maliciously crafted Arena file opened by an unsuspecting user may result in the limited exposure of information related to the targeted workstation.
Credit: ics-cert@hq.dhs.gov ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Arena Simulation Software | <=16.00.00 | |
Rockwell Automation Arena Simulation | ||
Rockwellautomation Arena | <=16.00.00 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-13511 is a vulnerability that allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation.
To exploit CVE-2019-13511, user interaction is required, such as visiting a malicious page or opening a malicious file.
CVE-2019-13511 has a severity rating of 7.8 (high).
CVE-2019-13511 affects installations of Rockwell Automation Arena Simulation software up to version 16.00.00.
Yes, references to CVE-2019-13511 can be found at the following links: [Link 1](https://www.us-cert.gov/ics/advisories/icsa-19-213-05), [Link 2](https://www.zerodayinitiative.com/advisories/ZDI-20-810/), [Link 3](https://www.zerodayinitiative.com/advisories/ZDI-20-811/).