CVE-2023-27854
CVSS V2 None
CVSS V3 None
Description
An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. The user would need to open a malicious file provided to them by the attacker for the code to execute.
Overview
- CVE ID
- CVE-2023-27854
- Assigner
- Rockwell
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-10-27T18:51:30.505Z
- Last Modified Date
- 2023-10-27T18:51:30.505Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145 |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-27854 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27854 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-25 01:46:16 | Added to TrackCVE |