CVE-2024-2929

Rockwell Automation Arena Simulation Vulnerable To Memory Corruption

Description

A memory corruption vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory triggering an access violation. Once inside, the threat actor can run harmful code on the system. This affects the confidentiality, integrity, and availability of the product. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor.

Remediation

Solution:

Update to v16.20.03 to remediate the issue.

Workaround:

* Do not open untrusted files from unknown sources. * For information on how to mitigate Security Risks on industrial automation control systems, we encourage customers to implement our suggested security best practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight to minimize the risk of the vulnerability.

References

Link	Tags
https://www.rockwellautomation.com/en-us/support/advisory.SD-1665.html	broken link

Frequently Asked Questions

What is the severity of CVE-2024-2929?: CVE-2024-2929 has been scored as a high severity vulnerability.
How to fix CVE-2024-2929?: To fix CVE-2024-2929: Update to v16.20.03 to remediate the issue.
Is CVE-2024-2929 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-2929 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-2929?: CVE-2024-2929 affects Rockwell Automation Arena Simulation.

Description

Remediation

Categories

CWE-119 – Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-787 – Out-of-bounds Write

References

Frequently Asked Questions