ID

VAR-201908-1965


CVE

CVE-2019-13511


TITLE

Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability

Trust: 3.5

sources: ZDI: ZDI-20-814 // ZDI: ZDI-20-813 // ZDI: ZDI-20-812 // ZDI: ZDI-20-811 // ZDI: ZDI-20-810

DESCRIPTION

Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain an INFORMATION EXPOSURE CWE-200. A maliciously crafted Arena file opened by an unsuspecting user may result in the limited exposure of information related to the targeted workstation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of project files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. 9502-Ax) 16.00.00 and earlier versions. The vulnerability stems from network system or product configuration errors during operation

Trust: 6.03

sources: NVD: CVE-2019-13511 // JVNDB: JVNDB-2019-008328 // ZDI: ZDI-19-695 // ZDI: ZDI-20-814 // ZDI: ZDI-20-813 // ZDI: ZDI-20-812 // ZDI: ZDI-20-811 // ZDI: ZDI-20-810 // CNVD: CNVD-2020-38698 // VULHUB: VHN-145365

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-38698

AFFECTED PRODUCTS

vendor:rockwell automationmodel:arena simulationscope: - version: -

Trust: 4.2

vendor:rockwellautomationmodel:arenascope:lteversion:16.00.00

Trust: 1.0

vendor:rockwell automationmodel:arena simulation softwarescope:lteversion:16.00.00

Trust: 0.8

vendor:rockwellmodel:automation arena simulation softwarescope:lteversion:<=16.00.00

Trust: 0.6

sources: ZDI: ZDI-19-695 // ZDI: ZDI-20-814 // ZDI: ZDI-20-813 // ZDI: ZDI-20-812 // ZDI: ZDI-20-811 // ZDI: ZDI-20-810 // CNVD: CNVD-2020-38698 // JVNDB: JVNDB-2019-008328 // NVD: CVE-2019-13511

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2019-13511
value: HIGH

Trust: 3.5

nvd@nist.gov: CVE-2019-13511
value: LOW

Trust: 1.0

NVD: CVE-2019-13511
value: LOW

Trust: 0.8

ZDI: CVE-2019-13511
value: LOW

Trust: 0.7

CNVD: CNVD-2020-38698
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201908-146
value: LOW

Trust: 0.6

VULHUB: VHN-145365
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-13511
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2020-38698
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-145365
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ZDI: CVE-2019-13511
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 3.5

nvd@nist.gov: CVE-2019-13511
baseSeverity: LOW
baseScore: 3.3
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2019-13511
baseSeverity: LOW
baseScore: 3.3
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2019-13511
baseSeverity: LOW
baseScore: 3.3
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 1.4
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-19-695 // ZDI: ZDI-20-814 // ZDI: ZDI-20-813 // ZDI: ZDI-20-812 // ZDI: ZDI-20-811 // ZDI: ZDI-20-810 // CNVD: CNVD-2020-38698 // VULHUB: VHN-145365 // JVNDB: JVNDB-2019-008328 // CNNVD: CNNVD-201908-146 // NVD: CVE-2019-13511

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

problemtype:CWE-416

Trust: 1.0

sources: VULHUB: VHN-145365 // JVNDB: JVNDB-2019-008328 // NVD: CVE-2019-13511

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201908-146

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201908-146

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-008328

PATCH

title:Rockwell Automation has issued an update to correct this vulnerability.url:https://www.us-cert.gov/ics/advisories/icsa-19-213-05

Trust: 4.2

title:Top Pageurl:https://www.rockwellautomation.com/

Trust: 0.8

title:Patch for Rockwell Automation Arena Simulation Software Information Disclosure Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/225421

Trust: 0.6

title:Rockwell Automation Arena Simulation Software Repair measures for information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95908

Trust: 0.6

sources: ZDI: ZDI-19-695 // ZDI: ZDI-20-814 // ZDI: ZDI-20-813 // ZDI: ZDI-20-812 // ZDI: ZDI-20-811 // ZDI: ZDI-20-810 // CNVD: CNVD-2020-38698 // JVNDB: JVNDB-2019-008328 // CNNVD: CNNVD-201908-146

EXTERNAL IDS

db:NVDid:CVE-2019-13511

Trust: 7.3

db:ICS CERTid:ICSA-19-213-05

Trust: 2.5

db:ZDIid:ZDI-20-814

Trust: 2.4

db:ZDIid:ZDI-20-813

Trust: 2.4

db:ZDIid:ZDI-20-812

Trust: 2.4

db:ZDIid:ZDI-20-811

Trust: 2.4

db:ZDIid:ZDI-20-810

Trust: 2.4

db:ZDIid:ZDI-19-695

Trust: 1.3

db:AUSCERTid:ESB-2019.2900

Trust: 1.2

db:JVNDBid:JVNDB-2019-008328

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-8014

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-10470

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-10374

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-10373

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-10129

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-10186

Trust: 0.7

db:CNVDid:CNVD-2020-38698

Trust: 0.7

db:CNNVDid:CNNVD-201908-146

Trust: 0.7

db:NSFOCUSid:47670

Trust: 0.6

db:VULHUBid:VHN-145365

Trust: 0.1

sources: ZDI: ZDI-19-695 // ZDI: ZDI-20-814 // ZDI: ZDI-20-813 // ZDI: ZDI-20-812 // ZDI: ZDI-20-811 // ZDI: ZDI-20-810 // CNVD: CNVD-2020-38698 // VULHUB: VHN-145365 // JVNDB: JVNDB-2019-008328 // CNNVD: CNNVD-201908-146 // NVD: CVE-2019-13511

REFERENCES

url:https://www.us-cert.gov/ics/advisories/icsa-19-213-05

Trust: 6.7

url:https://www.zerodayinitiative.com/advisories/zdi-20-814/

Trust: 2.3

url:https://www.zerodayinitiative.com/advisories/zdi-20-810/

Trust: 1.7

url:https://www.zerodayinitiative.com/advisories/zdi-20-811/

Trust: 1.7

url:https://www.zerodayinitiative.com/advisories/zdi-20-812/

Trust: 1.7

url:https://www.zerodayinitiative.com/advisories/zdi-20-813/

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-13511

Trust: 1.4

url:https://www.auscert.org.au/bulletins/esb-2019.2900/

Trust: 1.2

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-13511

Trust: 0.8

url:https://www.zerodayinitiative.com/advisories/zdi-19-695/

Trust: 0.6

url:http://www.nsfocus.net/vulndb/47670

Trust: 0.6

sources: ZDI: ZDI-19-695 // ZDI: ZDI-20-814 // ZDI: ZDI-20-813 // ZDI: ZDI-20-812 // ZDI: ZDI-20-811 // ZDI: ZDI-20-810 // CNVD: CNVD-2020-38698 // VULHUB: VHN-145365 // JVNDB: JVNDB-2019-008328 // CNNVD: CNNVD-201908-146 // NVD: CVE-2019-13511

CREDITS

kimiya

Trust: 3.5

sources: ZDI: ZDI-20-814 // ZDI: ZDI-20-813 // ZDI: ZDI-20-812 // ZDI: ZDI-20-811 // ZDI: ZDI-20-810

SOURCES

db:ZDIid:ZDI-19-695
db:ZDIid:ZDI-20-814
db:ZDIid:ZDI-20-813
db:ZDIid:ZDI-20-812
db:ZDIid:ZDI-20-811
db:ZDIid:ZDI-20-810
db:CNVDid:CNVD-2020-38698
db:VULHUBid:VHN-145365
db:JVNDBid:JVNDB-2019-008328
db:CNNVDid:CNNVD-201908-146
db:NVDid:CVE-2019-13511

LAST UPDATE DATE

2024-12-17T22:47:16.409000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-19-695date:2019-08-08T00:00:00
db:ZDIid:ZDI-20-814date:2020-07-07T00:00:00
db:ZDIid:ZDI-20-813date:2020-07-07T00:00:00
db:ZDIid:ZDI-20-812date:2020-07-07T00:00:00
db:ZDIid:ZDI-20-811date:2021-06-29T00:00:00
db:ZDIid:ZDI-20-810date:2020-07-07T00:00:00
db:CNVDid:CNVD-2020-38698date:2020-07-14T00:00:00
db:VULHUBid:VHN-145365date:2020-07-07T00:00:00
db:JVNDBid:JVNDB-2019-008328date:2019-08-29T00:00:00
db:CNNVDid:CNNVD-201908-146date:2021-10-29T00:00:00
db:NVDid:CVE-2019-13511date:2024-12-17T15:52:51.450

SOURCES RELEASE DATE

db:ZDIid:ZDI-19-695date:2019-08-08T00:00:00
db:ZDIid:ZDI-20-814date:2020-07-07T00:00:00
db:ZDIid:ZDI-20-813date:2020-07-07T00:00:00
db:ZDIid:ZDI-20-812date:2020-07-07T00:00:00
db:ZDIid:ZDI-20-811date:2020-07-07T00:00:00
db:ZDIid:ZDI-20-810date:2020-07-07T00:00:00
db:CNVDid:CNVD-2020-38698date:2020-07-14T00:00:00
db:VULHUBid:VHN-145365date:2019-08-15T00:00:00
db:JVNDBid:JVNDB-2019-008328date:2019-08-29T00:00:00
db:CNNVDid:CNNVD-201908-146date:2019-08-01T00:00:00
db:NVDid:CVE-2019-13511date:2019-08-15T19:15:10.950