ARBITRARY CODE EXECUTION
In computer security, arbitrary code execution (ACE) is used to describe an attacker's ability to execute arbitrary commands or code on a target machine or in a target process. An arbitrary code execution vulnerability is a security flaw in software or hardware allowing arbitrary code execution. A program that is designed to exploit such a vulnerability is called an arbitrary code execution exploit. The ability to trigger arbitrary code execution over a network (especially via a wide-area network such as the Internet) is often referred to as remote code execution (RCE).
Unlike Cmd Injection vulnerability, arbitrary code execution rule tries to cover the protection of any command execution without a direct relation with the incoming data, so that it can block any untrusted command execution and future zero days that cause RCEs
How to solve it
Hdiv protects againts arbitrary code execution by detecting normal execution flow and creating assisted whitelists. With this model del security team can complete avoid new zero days flaws related with RCE, by providing a "positive" security model based purely on whitelists