{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T23:57:21.048","vulnerabilities":[{"cve":{"id":"CVE-2024-21920","sourceIdentifier":"PSIRT@rockwellautomation.com","published":"2024-03-26T16:15:11.277","lastModified":"2024-12-17T15:52:01.670","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"\n\n\nA memory buffer vulnerability in Rockwell Automation Arena Simulation could potentially let a threat actor read beyond the intended memory boundaries. This could reveal sensitive information and even cause the application to crash, resulting in a denial-of-service condition. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor.\n\n\n\n"},{"lang":"es","value":"Una vulnerabilidad del búfer de memoria en Rockwell Automation Arena Simulation podría permitir que un actor de amenazas lea más allá de los límites de memoria previstos. Esto podría revelar información confidencial e incluso provocar que la aplicación falle, lo que provocaría una condición de denegación de servicio. Para desencadenar esto, el usuario tendría que abrir, sin saberlo, un archivo malicioso compartido por el actor de la amenaza."}],"metrics":{"cvssMetricV31":[{"source":"PSIRT@rockwellautomation.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"PSIRT@rockwellautomation.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:arena:*:*:*:*:*:*:*:*","versionStartIncluding":"16.00.00","matchCriteriaId":"C8A71AA4-C01D-47F2-B87F-96EF9B461BD1"}]}]}],"references":[{"url":"https://www.rockwellautomation.com/en-us/support/advisory.SD-1665.html","source":"PSIRT@rockwellautomation.com","tags":["Broken Link"]},{"url":"https://www.rockwellautomation.com/en-us/support/advisory.SD-1665.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}}]}