CVE-2024-11155: Rockwell Automation Arena® Use After Free Vulnerability
First published: Thu Dec 05 2024(Updated: )
A “use after free” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to use a resource that was already used. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor.
Credit: PSIRT@rockwellautomation.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Rockwell Automation Arena | ||
| Rockwell Automation | <16.20.06 |
Remedy
Corrected in software version 16.20.06 and later Mitigations and Workarounds Customers using the affected software are encouraged to apply these risk mitigations, if possible. For information on how to mitigate Security Risks on industrial automation control systems, we encourage customers to implement our suggested security best practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight to minimize the risk of the vulnerability.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-11155?
CVE-2024-11155 is classified as a critical 'use after free' code execution vulnerability.
How do I fix CVE-2024-11155?
To mitigate CVE-2024-11155, users should apply the latest security updates provided by Rockwell Automation for Arena software.
What versions of Rockwell Automation Arena are affected by CVE-2024-11155?
All versions of Rockwell Automation Arena are potentially affected by CVE-2024-11155 if they allow the execution of crafted DOE files.
How can CVE-2024-11155 be exploited?
CVE-2024-11155 can be exploited by crafting a malicious DOE file that forces Arena to use a resource that has already been freed.
Is there a workaround for CVE-2024-11155?
Currently, the best approach for CVE-2024-11155 is to update to a patched version of Arena as no specific workaround is provided.
- agent/references
- agent/weakness
- agent/remedy
- agent/description
- agent/first-publish-date
- agent/type
- agent/author
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/rockwell automation
- canonical/rockwell automation arena
- vendor/rockwellautomation
- canonical/rockwell automation