Vulnerability in Rockwell Automation Arena Input Analyzer
CVE-2024-6068
A memory corruption vulnerability exists in the affected products when parsing DFT files. Local threat actors can exploit this issue to disclose information and to execute arbitrary code. To exploit this vulnerability a legitimate user mu…
EPSS: 0.002 (16.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.3 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Rockwell Automation Arena Input Analyzer — versions <=16.20.03
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2024-6068?
- CVE-2024-6068 is a high-severity vulnerability in Rockwell Automation Arena Input Analyzer, classified under Improper Validation of Specified Quantity in Input. CVSS score: 7.3/10. Published 2024-11-14.
- How severe is CVE-2024-6068?
- High severity. CVSS v3 base score is 7.3 out of 10.