CVE-2024-21912

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Mar 26, 2024

CWE ID 787

Summary

CVE-2024-21912 is a critical arbitrary code execution vulnerability affecting Rockwell Automation Arena Simulation software. Malicious users can exploit this issue by writing unauthorized code beyond the designated memory area, leading to an access violation. Upon triggering this vulnerability by opening a maliciously crafted file, attackers gain the ability to execute harmful code on the system. This vulnerability poses risks to the confidentiality, integrity, and availability of the product.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uA4mxv
https://www.cve.org/CVERecord?id=CVE-2024-21912
https://nvd.nist.gov/vuln/detail/CVE-2024-21912

Back to Vulnerability Database

CVE-2024-21912

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations