Details of VAR-202001-0758

ID

VAR-202001-0758

CVE

CVE-2019-13519

TITLE

Rockwell Automation Arena Simulation Software Vulnerabilities in type mixing

Trust: 0.8

sources: JVNDB: JVNDB-2019-014431

DESCRIPTION

A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena Simulation Software to address the reported vulnerabilities. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of DOE files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process

Trust: 2.88

sources: NVD: CVE-2019-13519 // JVNDB: JVNDB-2019-014431 // ZDI: ZDI-19-802 // CNVD: CNVD-2020-14916 // VULHUB: VHN-145373

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-14916

AFFECTED PRODUCTS

vendor:	rockwellautomation	model:	arena simulation	scope:	lte	version:	16.00.00	Trust: 1.0
vendor:	rockwell automation	model:	arena simulation software	scope:	eq	version:	-	Trust: 0.8
vendor:	rockwell automation	model:	arena simulation software	scope:	lte	version:	16.00.00	Trust: 0.8
vendor:	rockwell automation	model:	arena simulation	scope:	-	version:	-	Trust: 0.7
vendor:	rockwell	model:	automation rockwell automation arena simulation software	scope:	-	version:	-	Trust: 0.6
vendor:	rockwellautomation	model:	arena simulation	scope:	eq	version:	-	Trust: 0.6
vendor:	rockwellautomation	model:	arena simulation	scope:	eq	version:	16.00.00	Trust: 0.6

sources: ZDI: ZDI-19-802 // CNVD: CNVD-2020-14916 // JVNDB: JVNDB-2019-014431 // CNNVD: CNNVD-201909-368 // NVD: CVE-2019-13519

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-13519
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-13519
value:	HIGH
Trust: 0.8
ZDI:	CVE-2019-13519
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2020-14916
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201909-368
value:	HIGH
Trust: 0.6
VULHUB:	VHN-145373
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-13519
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2020-14916
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-145373
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-13519
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2019-13519
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2019-13519
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-19-802 // CNVD: CNVD-2020-14916 // VULHUB: VHN-145373 // JVNDB: JVNDB-2019-014431 // CNNVD: CNNVD-201909-368 // NVD: CVE-2019-13519

PROBLEMTYPE DATA

problemtype:	CWE-843	Trust: 1.1
problemtype:	Wrong mix of types (CWE-843) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-145373 // JVNDB: JVNDB-2019-014431 // NVD: CVE-2019-13519

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201909-368

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201909-368

PATCH

title:	Top Page	url:	https://www.rockwellautomation.com/global/overview.page	Trust: 0.8
title:	Rockwell Automation has issued an update to correct this vulnerability.	url:	https://www.us-cert.gov/ics/advisories/icsa-19-213-05	Trust: 0.7
title:	Patch for Rockwell Automation Arena Simulation Software Cross-Site Scripting Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/206323	Trust: 0.6

sources: ZDI: ZDI-19-802 // CNVD: CNVD-2020-14916 // JVNDB: JVNDB-2019-014431

EXTERNAL IDS

db:	NVD	id:	CVE-2019-13519	Trust: 3.8
db:	ZDI	id:	ZDI-19-802	Trust: 3.0
db:	ICS CERT	id:	ICSA-19-213-05	Trust: 2.5
db:	JVNDB	id:	JVNDB-2019-014431	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-8175	Trust: 0.7
db:	CNVD	id:	CNVD-2020-14916	Trust: 0.7
db:	CNNVD	id:	CNNVD-201909-368	Trust: 0.7
db:	VULHUB	id:	VHN-145373	Trust: 0.1

sources: ZDI: ZDI-19-802 // CNVD: CNVD-2020-14916 // VULHUB: VHN-145373 // JVNDB: JVNDB-2019-014431 // CNNVD: CNNVD-201909-368 // NVD: CVE-2019-13519

REFERENCES

url:	https://www.us-cert.gov/ics/advisories/icsa-19-213-05	Trust: 3.2
url:	https://www.zerodayinitiative.com/advisories/zdi-19-802/	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-13519	Trust: 1.4

sources: ZDI: ZDI-19-802 // CNVD: CNVD-2020-14916 // VULHUB: VHN-145373 // JVNDB: JVNDB-2019-014431 // CNNVD: CNNVD-201909-368 // NVD: CVE-2019-13519

CREDITS

kimiya of 9SG Security Team - kimiya@9sgsec.com

Trust: 1.3

sources: ZDI: ZDI-19-802 // CNNVD: CNNVD-201909-368

SOURCES

db:	ZDI	id:	ZDI-19-802
db:	CNVD	id:	CNVD-2020-14916
db:	VULHUB	id:	VHN-145373
db:	JVNDB	id:	JVNDB-2019-014431
db:	CNNVD	id:	CNNVD-201909-368
db:	NVD	id:	CVE-2019-13519

LAST UPDATE DATE

2024-08-14T13:44:27.737000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-19-802	date:	2019-09-09T00:00:00
db:	CNVD	id:	CNVD-2020-14916	date:	2020-03-02T00:00:00
db:	VULHUB	id:	VHN-145373	date:	2020-02-03T00:00:00
db:	JVNDB	id:	JVNDB-2019-014431	date:	2020-02-17T00:00:00
db:	CNNVD	id:	CNNVD-201909-368	date:	2020-03-05T00:00:00
db:	NVD	id:	CVE-2019-13519	date:	2020-02-03T16:45:05.490

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-19-802	date:	2019-09-09T00:00:00
db:	CNVD	id:	CNVD-2020-14916	date:	2020-03-02T00:00:00
db:	VULHUB	id:	VHN-145373	date:	2020-01-27T00:00:00
db:	JVNDB	id:	JVNDB-2019-014431	date:	2020-02-17T00:00:00
db:	CNNVD	id:	CNNVD-201909-368	date:	2019-09-09T00:00:00
db:	NVD	id:	CVE-2019-13519	date:	2020-01-27T23:15:10.437