First published: Tue Sep 24 2019(Updated: )
In Rockwell Automation Arena Simulation Software Cat. 9502-Ax, Versions 16.00.00 and earlier, a maliciously crafted Arena file opened by an unsuspecting user may result in the use of a pointer that has not been initialized.
Credit: ics-cert@hq.dhs.gov ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Arena Simulation Software | <=16.00.00 | |
Rockwell Automation Arena Simulation | ||
Rockwellautomation Arena | <=16.00.00 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2019-13527 is high.
Remote attackers can exploit CVE-2019-13527 by executing arbitrary code on affected installations of Rockwell Automation Arena Simulation, requiring user interaction to visit a malicious page or open a malicious file.
CVE-2019-13527 affects Rockwell Automation Arena Simulation software version 16.00.00.
To fix CVE-2019-13527, users should apply the necessary security patches or updates provided by Rockwell Automation.
More information about CVE-2019-13527 can be found on the US-CERT and Zero Day Initiative websites.