CVE-2023-27858 - OpenCVE

Rockwell Automation Arena Simulation contains an arbitrary code execution vulnerability that could potentially allow a malicious user to commit unauthorized code to the software by using an uninitialized pointer in the application. The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. The user would need to open a malicious file provided to them by the attacker for the code to execute.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Rockwellautomation	Arena Simulation

Configuration 1 [-]

cpe:2.3:a:rockwellautomation:arena_simulation:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145

History

No history.

MITRE

Status: PUBLISHED

Assigner: Rockwell

Published: 2023-10-27T18:58:26.703Z

Updated: 2024-09-09T19:48:57.646Z

Reserved: 2023-03-06T18:21:21.067Z

Link: CVE-2023-27858

Vulnrichment

Updated: 2024-08-02T12:23:30.373Z

NVD

Status : Analyzed

Published: 2023-10-27T19:15:41.230

Modified: 2023-11-07T18:07:36.920

Link: CVE-2023-27858

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-27858", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2023-03-06T18:21:21.067Z", "datePublished": "2023-10-27T18:58:26.703Z", "dateUpdated": "2024-09-09T19:48:57.646Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Arena Simulation", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "All versions before the 16.20.02 Patch"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "These vulnerabilities were reported to Rockwell Automation by Michael Heinzl"}], "datePublic": "2023-10-27T13:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Rockwell Automation Arena Simulation contains an arbitrary code execution vulnerability that could potentially allow a malicious user to commit unauthorized code to the software by using an uninitialized pointer in the application.  The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product.  The user would need to open a malicious file provided to them by the attacker for the code to execute.</span>\n\n"}], "value": "\nRockwell Automation Arena Simulation contains an arbitrary code execution vulnerability that could potentially allow a malicious user to commit unauthorized code to the software by using an\u00a0uninitialized pointer in the application. \u00a0The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. \u00a0The user would need to open a malicious file provided to them by the attacker for the code to execute.\n\n"}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-824", "description": "CWE-824 Access of Uninitialized Pointer", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2023-10-27T18:58:26.703Z"}, "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<ul><li>Upgrade to 16.20.02 which has been patched to mitigate these issues, by referencing <a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141044\">BF29820 - Patch: ZDI Security Patch & Windows 11 updates , Arena 16.2</a>.</li></ul>\n\n<br>"}], "value": "\n * Upgrade to 16.20.02 which has been patched to mitigate these issues, by referencing BF29820 - Patch: ZDI Security Patch & Windows 11 updates , Arena 16.2 https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141044 .\n\n\n\n\n\n"}], "source": {"discovery": "UNKNOWN"}, "title": "Rockwell Automation Arena\u00ae Simulation Uninitialized Pointer Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T12:23:30.373Z"}, "title": "CVE Program Container", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "rockwellautomation", "product": "arena_simulation", "cpes": ["cpe:2.3:a:rockwellautomation:arena_simulation:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "16.20.02", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-09T19:47:33.108286Z", "id": "CVE-2023-27858", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-09T19:48:57.646Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T12:23:30.373Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-27858", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-09T19:47:33.108286Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:rockwellautomation:arena_simulation:-:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "arena_simulation", "versions": [{"status": "affected", "version": "0", "lessThan": "16.20.02", "versionType": "custom"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-09T19:48:48.821Z"}}], "cna": {"title": "Rockwell Automation Arena\u00ae Simulation Uninitialized Pointer Vulnerability", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "These vulnerabilities were reported to Rockwell Automation by Michael Heinzl"}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Rockwell Automation", "product": "Arena Simulation", "versions": [{"status": "affected", "version": "All versions before the 16.20.02 Patch"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "\n * Upgrade to 16.20.02 which has been patched to mitigate these issues, by referencing BF29820 - Patch: ZDI Security Patch & Windows 11 updates , Arena 16.2 https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141044 .\n\n\n\n\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<ul><li>Upgrade to 16.20.02 which has been patched to mitigate these issues, by referencing <a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141044\">BF29820 - Patch: ZDI Security Patch & Windows 11 updates , Arena 16.2</a>.</li></ul>\n\n<br>", "base64": false}]}], "datePublic": "2023-10-27T13:00:00.000Z", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\nRockwell Automation Arena Simulation contains an arbitrary code execution vulnerability that could potentially allow a malicious user to commit unauthorized code to the software by using an\u00a0uninitialized pointer in the application. \u00a0The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. \u00a0The user would need to open a malicious file provided to them by the attacker for the code to execute.\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Rockwell Automation Arena Simulation contains an arbitrary code execution vulnerability that could potentially allow a malicious user to commit unauthorized code to the software by using an uninitialized pointer in the application.  The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product.  The user would need to open a malicious file provided to them by the attacker for the code to execute.</span>\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-824", "description": "CWE-824 Access of Uninitialized Pointer"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2023-10-27T18:58:26.703Z"}}}, "cveMetadata": {"cveId": "CVE-2023-27858", "state": "PUBLISHED", "dateUpdated": "2024-09-09T19:48:57.646Z", "dateReserved": "2023-03-06T18:21:21.067Z", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "datePublished": "2023-10-27T18:58:26.703Z", "assignerShortName": "Rockwell"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:arena_simulation:*:*:*:*:*:*:*:*", "matchCriteriaId": "0AE2589A-AD92-4199-B117-B84E54C4F810", "versionEndExcluding": "16.20.02", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\nRockwell Automation Arena Simulation contains an arbitrary code execution vulnerability that could potentially allow a malicious user to commit unauthorized code to the software by using an\u00a0uninitialized pointer in the application. \u00a0The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. \u00a0The user would need to open a malicious file provided to them by the attacker for the code to execute.\n\n"}, {"lang": "es", "value": "Rockwell Automation Arena Simulation contiene una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo arbitrario que podr\u00eda permitir que un usuario malintencionado env\u00ede c\u00f3digo no autorizado al software mediante el uso de un puntero no inicializado en la aplicaci\u00f3n. El actor de la amenaza podr\u00eda entonces ejecutar c\u00f3digo malicioso en el sistema afectando la confidencialidad, integridad y disponibilidad del producto. El usuario necesitar\u00eda abrir un archivo malicioso proporcionado por el atacante para que se ejecute el c\u00f3digo."}], "id": "CVE-2023-27858", "lastModified": "2023-11-07T18:07:36.920", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}, "published": "2023-10-27T19:15:41.230", "references": [{"source": "PSIRT@rockwellautomation.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-824"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-824"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}