{"uuid": "b97608a3-f3d1-4258-8740-4e77f72069b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11364", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8245", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11364\n\ud83d\udd25 CVSS Score: 8.5 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Another \u201cuninitialized variable\u201d code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae that could allow a threat actor to craft a DOE file and force the software to access a variable prior to it being initialized. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor.\n\ud83d\udccf Published: 2024-12-19T21:04:52.473Z\n\ud83d\udccf Modified: 2025-03-20T18:03:57.750Z\n\ud83d\udd17 References:\n1. https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1713.html", "creation_timestamp": "2025-03-20T18:20:41.000000Z"}