Vulnerability Description
A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena Simulation Software to address the reported vulnerabilities.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rockwellautomation | Arena | <= 16.00.00 |
Related Weaknesses (CWE)
References
- https://www.us-cert.gov/ics/advisories/icsa-19-213-05Third Party AdvisoryUS Government Resource
- https://www.zerodayinitiative.com/advisories/ZDI-19-799/Third Party AdvisoryVDB Entry
- https://www.us-cert.gov/ics/advisories/icsa-19-213-05Third Party AdvisoryUS Government Resource
- https://www.zerodayinitiative.com/advisories/ZDI-19-799/Third Party AdvisoryVDB Entry
FAQ
What is CVE-2019-13521?
CVE-2019-13521 is a vulnerability with a CVSS score of 7.8 (HIGH). A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information relate...
How severe is CVE-2019-13521?
CVE-2019-13521 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-13521?
Check the references section above for vendor advisories and patch information. Affected products include: Rockwellautomation Arena.