CVE-2024-21920

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Mar 26, 2024
Updated: Dec 17, 2024
CWE ID 125

Summary

CVE-2024-21920 is a memory buffer vulnerability discovered in Rockwell Automation Arena Simulation. This issue allows a threat actor to read beyond intended memory boundaries, potentially exposing sensitive information and causing application crashes, leading to denial-of-service conditions. The vulnerability can be exploited if a user opens a maliciously crafted file provided by the attacker.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share