CVE-2019-13510
HIGHRockwell Automation Arena < 16.00.00 - Use-After-Free via Maliciously Crafted Arena File
Title source: llmDescription
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE AFTER FREE CWE-416. A maliciously crafted Arena file opened by an unsuspecting user may result in the application crashing or the execution of arbitrary code.
References (13)
Core 13
Core References
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://www.us-cert.gov/ics/advisories/icsa-19-213-05
Third Party Advisory x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-19-800/
Third Party Advisory x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-19-801/
Third Party Advisory x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-19-994/
Third Party Advisory x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-19-999/
Third Party Advisory x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-19-998/
Third Party Advisory x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-19-1000/
Third Party Advisory x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-20-927/
Third Party Advisory x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-20-931/
Third Party Advisory x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-20-926/
Third Party Advisory x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-20-929/
Third Party Advisory x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-20-928/
Third Party Advisory x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-20-930/
Scores
CVSS v3
7.8
EPSS
0.0234
EPSS Percentile
85.1%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-416
Status
published
Products (1)
rockwellautomation/arena
< 16.00.00
Published
Aug 15, 2019
Tracked Since
Feb 18, 2026