Rewterz Threat Advisory – ICS: Multiple Rockwell Automation Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-29462 CVSS:7.8

Rockwell Automation Arena Simulation is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By persuading a victim to open a specially crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system.

CVE-2023-29460 CVSS:7.8

Rockwell Automation Arena Simulation is vulnerable to a buffer overflow, caused by improper bounds checking. By persuading a victim to open a specially crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system.

CVE-2023-29461 CVSS:7.8

Rockwell Automation Arena Simulation is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By persuading a victim to open a specially crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system.

CVE-2023-1834 CVSS:9.4

This vulnerability affects an unknown part of the component Telnet/FTP. The manipulation with an unknown input leads to a access control vulnerability. The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor. As an impact it is known to affect confidentiality, integrity, and availability.

Impact

• Buffer Overflow
• Unauthorized Access

Indicators Of Compromise

CVE

• CVE-2023-29462
• CVE-2023-29460
• CVE-2023-29461
• CVE-2023-1834

Affected Vendors

Rockwell Automation

Affected Products

• Arena Simulation Software
• Kinetix 5500

Remediation

Refer to Rockwell Automation Web site for patch, upgrade or suggested workaround information.

Arena Simulation Software

Kinetix 5500