CVE-2019-13527

HIGH

Rockwell Automation Arena Simulation Software <16.00.00 - Memory Co...

Title source: llm

Description

In Rockwell Automation Arena Simulation Software Cat. 9502-Ax, Versions 16.00.00 and earlier, a maliciously crafted Arena file opened by an unsuspecting user may result in the use of a pointer that has not been initialized.

References (2)

[Third Party Advisory, US Government Resource] https://www.us-cert.gov/ics/advisories/icsa-19-213-05

[Third Party Advisory] https://www.zerodayinitiative.com/advisories/ZDI-19-993/

Scores

CVSS v3 7.8

EPSS 0.0643

EPSS Percentile 91.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-824

Status published

Products (1)

rockwellautomation/arena < 16.00.00

Published Sep 24, 2019

Tracked Since Feb 18, 2026