An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap.
potentially resulting in a complete loss of confidentiality, integrity, and availability.
Credits
This vulnerability was reported to Rockwell Automation by Simon Janz working with Trend Micro's Zero Day Initiative.
