{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-10T19:48:56.409","vulnerabilities":[{"cve":{"id":"CVE-2024-21919","sourceIdentifier":"PSIRT@rockwellautomation.com","published":"2024-03-26T16:15:11.073","lastModified":"2024-12-17T16:16:16.773","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"\nAn uninitialized pointer in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by leveraging the pointer after it is properly.  Once inside, the threat actor can run harmful code on the system. This affects the confidentiality, integrity, and availability of the product. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor.\n\n"},{"lang":"es","value":"Un puntero no inicializado en el software de Rockwell Automation Arena Simulation podría permitir que un usuario malintencionado inserte código no autorizado en el software aprovechando el puntero una vez que esté correctamente. Una vez dentro, el actor de la amenaza puede ejecutar código dañino en el sistema. Esto afecta la confidencialidad, integridad y disponibilidad del producto. Para desencadenar esto, el usuario tendría que abrir, sin saberlo, un archivo malicioso compartido por el actor de la amenaza."}],"metrics":{"cvssMetricV31":[{"source":"PSIRT@rockwellautomation.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"PSIRT@rockwellautomation.com","type":"Secondary","description":[{"lang":"en","value":"CWE-824"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-824"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:arena:*:*:*:*:*:*:*:*","versionStartIncluding":"16.00.00","versionEndExcluding":"16.20.03","matchCriteriaId":"7433512B-62BB-4412-BFBA-6EA4679B3778"}]}]}],"references":[{"url":"https://www.rockwellautomation.com/en-us/support/advisory.SD-1665.html","source":"PSIRT@rockwellautomation.com","tags":["Broken Link"]},{"url":"https://www.rockwellautomation.com/en-us/support/advisory.SD-1665.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}}]}