{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-27854", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2023-03-06T18:21:21.066Z", "datePublished": "2023-10-27T18:51:30.505Z", "dateUpdated": "2024-09-10T14:26:35.022Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Arena Simulation", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "All versions before 16.20.02 Patch"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "These vulnerabilities were reported to Rockwell Automation by Michael Heinzl. "}], "datePublic": "2023-10-27T13:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. &nbsp;The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. &nbsp;The user would need to open a malicious file provided to them by the attacker for the code to execute.</span><br>\n\n"}], "value": "\nAn arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. \u00a0The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. \u00a0The user would need to open a malicious file provided to them by the attacker for the code to execute.\n\n\n"}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2023-10-27T18:51:30.505Z"}, "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<ul><li>Upgrade to 16.20.02 which has been patched to mitigate these issues, by referencing <a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141044\">BF29820 - Patch: ZDI Security Patch &amp; Windows 11 updates , Arena 16.2</a>.</li></ul>\n\n<br>"}], "value": "\n * Upgrade to 16.20.02 which has been patched to mitigate these issues, by referencing BF29820 - Patch: ZDI Security Patch & Windows 11 updates , Arena 16.2 https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141044 .\n\n\n\n\n\n"}], "source": {"discovery": "UNKNOWN"}, "title": "Rockwell Automation Arena\u00ae Simulation Out of Bounds Read Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T12:23:30.381Z"}, "title": "CVE Program Container", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-10T14:25:55.412720Z", "id": "CVE-2023-27854", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-10T14:26:35.022Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T12:23:30.381Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-27854", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-10T14:25:55.412720Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-10T14:26:30.632Z"}}], "cna": {"title": "Rockwell Automation Arena\u00ae Simulation Out of Bounds Read Vulnerability", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "These vulnerabilities were reported to Rockwell Automation by Michael Heinzl. "}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Rockwell Automation", "product": "Arena Simulation", "versions": [{"status": "affected", "version": "All versions before 16.20.02 Patch"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "\n * Upgrade to 16.20.02 which has been patched to mitigate these issues, by referencing BF29820 - Patch: ZDI Security Patch & Windows 11 updates , Arena 16.2 https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141044 .\n\n\n\n\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<ul><li>Upgrade to 16.20.02 which has been patched to mitigate these issues, by referencing <a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141044\">BF29820 - Patch: ZDI Security Patch &amp; Windows 11 updates , Arena 16.2</a>.</li></ul>\n\n<br>", "base64": false}]}], "datePublic": "2023-10-27T13:00:00.000Z", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\nAn arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. \u00a0The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. \u00a0The user would need to open a malicious file provided to them by the attacker for the code to execute.\n\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. &nbsp;The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. &nbsp;The user would need to open a malicious file provided to them by the attacker for the code to execute.</span><br>\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2023-10-27T18:51:30.505Z"}}}, "cveMetadata": {"cveId": "CVE-2023-27854", "state": "PUBLISHED", "dateUpdated": "2024-09-10T14:26:35.022Z", "dateReserved": "2023-03-06T18:21:21.066Z", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "datePublished": "2023-10-27T18:51:30.505Z", "assignerShortName": "Rockwell"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:arena:*:*:*:*:*:*:*:*", "matchCriteriaId": "3DBAECB8-1538-4190-806F-0326B910B18C", "versionEndExcluding": "16.20.02", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\nAn arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. \u00a0The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. \u00a0The user would need to open a malicious file provided to them by the attacker for the code to execute.\n\n\n"}, {"lang": "es", "value": "Se inform\u00f3 a Rockwell Automation en Arena Simulation de una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo arbitrario que potencialmente podr\u00eda permitir que un usuario malintencionado env\u00ede c\u00f3digo arbitrario no autorizado al software mediante el uso de un desbordamiento del b\u00fafer de memoria. El actor de la amenaza podr\u00eda entonces ejecutar c\u00f3digo malicioso en el sistema afectando la confidencialidad, integridad y disponibilidad del producto. El usuario necesitar\u00eda abrir un archivo malicioso proporcionado por el atacante para que se ejecute el c\u00f3digo."}], "id": "CVE-2023-27854", "lastModified": "2024-12-17T16:14:05.870", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-27T19:15:41.157", "references": [{"source": "PSIRT@rockwellautomation.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}