CVE-2018-8843
MEDIUMRockwell Automation Arena <15.10.00 - Use After Free
Title source: llmDescription
Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data..
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/104166
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-130-02
Scores
CVSS v3
5.5
EPSS
0.0001
EPSS Percentile
3.3%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-416
Status
published
Products (1)
rockwellautomation/arena
< 15.10.00
Published
May 14, 2018
Tracked Since
Feb 18, 2026