Details of VAR-201908-1965

ID

VAR-201908-1965

CVE

CVE-2019-13511

TITLE

Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability

Trust: 3.5

sources: ZDI: ZDI-20-814 // ZDI: ZDI-20-813 // ZDI: ZDI-20-812 // ZDI: ZDI-20-811 // ZDI: ZDI-20-810

DESCRIPTION

Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain an INFORMATION EXPOSURE CWE-200. A maliciously crafted Arena file opened by an unsuspecting user may result in the limited exposure of information related to the targeted workstation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of project files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. 9502-Ax) 16.00.00 and earlier versions. The vulnerability stems from network system or product configuration errors during operation

Trust: 6.03

sources: NVD: CVE-2019-13511 // JVNDB: JVNDB-2019-008328 // ZDI: ZDI-19-695 // ZDI: ZDI-20-814 // ZDI: ZDI-20-813 // ZDI: ZDI-20-812 // ZDI: ZDI-20-811 // ZDI: ZDI-20-810 // CNVD: CNVD-2020-38698 // VULHUB: VHN-145365

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-38698

AFFECTED PRODUCTS

vendor:	rockwell automation	model:	arena simulation	scope:	-	version:	-	Trust: 4.2
vendor:	rockwellautomation	model:	arena simulation software	scope:	lte	version:	16.00.00	Trust: 1.0
vendor:	rockwell automation	model:	arena simulation software	scope:	lte	version:	16.00.00	Trust: 0.8
vendor:	rockwell	model:	automation arena simulation software	scope:	lte	version:	<=16.00.00	Trust: 0.6

sources: ZDI: ZDI-19-695 // ZDI: ZDI-20-814 // ZDI: ZDI-20-813 // ZDI: ZDI-20-812 // ZDI: ZDI-20-811 // ZDI: ZDI-20-810 // CNVD: CNVD-2020-38698 // JVNDB: JVNDB-2019-008328 // NVD: CVE-2019-13511

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	CVE-2019-13511
value:	HIGH
Trust: 3.5
nvd@nist.gov:	CVE-2019-13511
value:	LOW
Trust: 1.0
NVD:	CVE-2019-13511
value:	LOW
Trust: 0.8
ZDI:	CVE-2019-13511
value:	LOW
Trust: 0.7
CNVD:	CNVD-2020-38698
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201908-146
value:	LOW
Trust: 0.6
VULHUB:	VHN-145365
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-13511
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2020-38698
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-145365
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

ZDI:	CVE-2019-13511
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 3.5
nvd@nist.gov:	CVE-2019-13511
baseSeverity:	LOW
baseScore:	3.3
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	1.4
version:	3.1
Trust: 1.0
NVD:	CVE-2019-13511
baseSeverity:	LOW
baseScore:	3.3
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2019-13511
baseSeverity:	LOW
baseScore:	3.3
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	1.4
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-19-695 // ZDI: ZDI-20-814 // ZDI: ZDI-20-813 // ZDI: ZDI-20-812 // ZDI: ZDI-20-811 // ZDI: ZDI-20-810 // CNVD: CNVD-2020-38698 // VULHUB: VHN-145365 // JVNDB: JVNDB-2019-008328 // CNNVD: CNNVD-201908-146 // NVD: CVE-2019-13511

PROBLEMTYPE DATA

problemtype:	CWE-200	Trust: 1.9
problemtype:	CWE-416	Trust: 1.0

sources: VULHUB: VHN-145365 // JVNDB: JVNDB-2019-008328 // NVD: CVE-2019-13511

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201908-146

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201908-146

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-008328

PATCH

title:	Rockwell Automation has issued an update to correct this vulnerability.	url:	https://www.us-cert.gov/ics/advisories/icsa-19-213-05	Trust: 4.2
title:	Top Page	url:	https://www.rockwellautomation.com/	Trust: 0.8
title:	Patch for Rockwell Automation Arena Simulation Software Information Disclosure Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/225421	Trust: 0.6
title:	Rockwell Automation Arena Simulation Software Repair measures for information disclosure vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95908	Trust: 0.6

EXTERNAL IDS

db:	NVD	id:	CVE-2019-13511	Trust: 7.3
db:	ICS CERT	id:	ICSA-19-213-05	Trust: 2.5
db:	ZDI	id:	ZDI-20-814	Trust: 2.4
db:	ZDI	id:	ZDI-20-813	Trust: 2.4
db:	ZDI	id:	ZDI-20-812	Trust: 2.4
db:	ZDI	id:	ZDI-20-811	Trust: 2.4
db:	ZDI	id:	ZDI-20-810	Trust: 2.4
db:	ZDI	id:	ZDI-19-695	Trust: 1.3
db:	AUSCERT	id:	ESB-2019.2900	Trust: 1.2
db:	JVNDB	id:	JVNDB-2019-008328	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-8014	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-10470	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-10374	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-10373	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-10129	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-10186	Trust: 0.7
db:	CNVD	id:	CNVD-2020-38698	Trust: 0.7
db:	CNNVD	id:	CNNVD-201908-146	Trust: 0.7
db:	NSFOCUS	id:	47670	Trust: 0.6
db:	VULHUB	id:	VHN-145365	Trust: 0.1

sources: ZDI: ZDI-19-695 // ZDI: ZDI-20-814 // ZDI: ZDI-20-813 // ZDI: ZDI-20-812 // ZDI: ZDI-20-811 // ZDI: ZDI-20-810 // CNVD: CNVD-2020-38698 // VULHUB: VHN-145365 // JVNDB: JVNDB-2019-008328 // CNNVD: CNNVD-201908-146 // NVD: CVE-2019-13511

REFERENCES

url:	https://www.us-cert.gov/ics/advisories/icsa-19-213-05	Trust: 6.7
url:	https://www.zerodayinitiative.com/advisories/zdi-20-814/	Trust: 2.3
url:	https://www.zerodayinitiative.com/advisories/zdi-20-810/	Trust: 1.7
url:	https://www.zerodayinitiative.com/advisories/zdi-20-811/	Trust: 1.7
url:	https://www.zerodayinitiative.com/advisories/zdi-20-812/	Trust: 1.7
url:	https://www.zerodayinitiative.com/advisories/zdi-20-813/	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-13511	Trust: 1.4
url:	https://www.auscert.org.au/bulletins/esb-2019.2900/	Trust: 1.2
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-13511	Trust: 0.8
url:	https://www.zerodayinitiative.com/advisories/zdi-19-695/	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/47670	Trust: 0.6

sources: ZDI: ZDI-19-695 // ZDI: ZDI-20-814 // ZDI: ZDI-20-813 // ZDI: ZDI-20-812 // ZDI: ZDI-20-811 // ZDI: ZDI-20-810 // CNVD: CNVD-2020-38698 // VULHUB: VHN-145365 // JVNDB: JVNDB-2019-008328 // CNNVD: CNNVD-201908-146 // NVD: CVE-2019-13511

CREDITS

kimiya

Trust: 3.5

sources: ZDI: ZDI-20-814 // ZDI: ZDI-20-813 // ZDI: ZDI-20-812 // ZDI: ZDI-20-811 // ZDI: ZDI-20-810

SOURCES

db:	ZDI	id:	ZDI-19-695
db:	ZDI	id:	ZDI-20-814
db:	ZDI	id:	ZDI-20-813
db:	ZDI	id:	ZDI-20-812
db:	ZDI	id:	ZDI-20-811
db:	ZDI	id:	ZDI-20-810
db:	CNVD	id:	CNVD-2020-38698
db:	VULHUB	id:	VHN-145365
db:	JVNDB	id:	JVNDB-2019-008328
db:	CNNVD	id:	CNNVD-201908-146
db:	NVD	id:	CVE-2019-13511

LAST UPDATE DATE

2024-08-14T13:44:27.575000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-19-695	date:	2019-08-08T00:00:00
db:	ZDI	id:	ZDI-20-814	date:	2020-07-07T00:00:00
db:	ZDI	id:	ZDI-20-813	date:	2020-07-07T00:00:00
db:	ZDI	id:	ZDI-20-812	date:	2020-07-07T00:00:00
db:	ZDI	id:	ZDI-20-811	date:	2021-06-29T00:00:00
db:	ZDI	id:	ZDI-20-810	date:	2020-07-07T00:00:00
db:	CNVD	id:	CNVD-2020-38698	date:	2020-07-14T00:00:00
db:	VULHUB	id:	VHN-145365	date:	2020-07-07T00:00:00
db:	JVNDB	id:	JVNDB-2019-008328	date:	2019-08-29T00:00:00
db:	CNNVD	id:	CNNVD-201908-146	date:	2021-10-29T00:00:00
db:	NVD	id:	CVE-2019-13511	date:	2021-10-28T15:11:40.150

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-19-695	date:	2019-08-08T00:00:00
db:	ZDI	id:	ZDI-20-814	date:	2020-07-07T00:00:00
db:	ZDI	id:	ZDI-20-813	date:	2020-07-07T00:00:00
db:	ZDI	id:	ZDI-20-812	date:	2020-07-07T00:00:00
db:	ZDI	id:	ZDI-20-811	date:	2020-07-07T00:00:00
db:	ZDI	id:	ZDI-20-810	date:	2020-07-07T00:00:00
db:	CNVD	id:	CNVD-2020-38698	date:	2020-07-14T00:00:00
db:	VULHUB	id:	VHN-145365	date:	2019-08-15T00:00:00
db:	JVNDB	id:	JVNDB-2019-008328	date:	2019-08-29T00:00:00
db:	CNNVD	id:	CNNVD-201908-146	date:	2019-08-01T00:00:00
db:	NVD	id:	CVE-2019-13511	date:	2019-08-15T19:15:10.950