Lucene search
K

6 matches found

NVD
NVD
added 2025/07/09 9:15 p.m.7 views

CVE-2025-6376

A remote code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE file can force Arena Simulation to write beyond the boundaries of an allocated object. Exploitation requires user interaction, such as opening a malicious file within the software. If exploited, a threa...

7.8CVSS0.00205EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/09 8:13 p.m.3 views

CVE-2025-6376 Arena® Simulation Out-Of-Bounds Write Remote Code Execution Vulnerability

A remote code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE file can force Arena Simulation to write beyond the boundaries of an allocated object. Exploitation requires user interaction, such as opening a malicious file within the software. If exploited, a threa...

7.1CVSS7.9AI score0.00205EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/09 8:13 p.m.8 views

CVE-2025-6376 Arena® Simulation Out-Of-Bounds Write Remote Code Execution Vulnerability

A remote code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE file can force Arena Simulation to write beyond the boundaries of an allocated object. Exploitation requires user interaction, such as opening a malicious file within the software. If exploited, a threa...

7.1CVSS0.00205EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/05/02 12:0 a.m.7 views

The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena arises from reading data beyond the acceptable range in memory. This allows attackers to exploit the protected information and execute arbitrary code.

The vulnerability of software for discrete event simulation and automation in Rockwell Automation Arena relates to reading data beyond the allowable range in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information and execute arbitrary code, provided that the...

7.8CVSS5.4AI score0.00273EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/12/19 9:15 p.m.4 views

CVE-2024-12175

Another “use after free” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to use a resource that was already used. If exploited, a threat actor could leverage this vulnerability to execute arbitrary...

7.8CVSS6.1AI score0.00254EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/06/21 12:0 a.m.4 views

PT-2021-8242 · Rockwell Automation · Rockwell Automation Arena

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena affected versions not specified Description: A third-party vulnerability exists in the Rockwell Automation Arena that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. If...

8.5CVSS7.3AI score0.00235EPSS
Exploits0References9
Rows per page
Query Builder