CVE-2019-13521 Vulnerability Details

  /     /     /  

CVE-2019-13521 Metadata Quick Info

CVE Published: 27/01/2020 | CVE Updated: 04/08/2024 | CVE Year: 2019
Source: icscert | Vendor: Rockwell | Product: Rockwell Automation Arena Simulation Software
Status : PUBLISHED

---

CVE-2019-13521 Description

A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena Simulation Software to address the reported vulnerabilities.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-357
CWE Name: Insufficient UI warning of dangerous operations CWE-357
Source: Rockwell

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).