CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-7033 – Rockwell Automation Heap-based Buffer Overflow In Arena® Simulation
https://notcve.org/view.php?id=CVE-2025-7033
05 Aug 2025 — A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose information. Existe un problema de abuso de memoria en Rockwell Automation Arena® Simulation. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1731.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-7032 – Rockwell Automation Stack-based Buffer Overflow In Arena® Simulation
https://notcve.org/view.php?id=CVE-2025-7032
05 Aug 2025 — A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose information. Existe un problema de abuso de memoria en Rockwell Automation Arena® Simulation. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1731.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-7025 – Rockwell Automation Heap-based Buffer Overflow In Arena® Simulation
https://notcve.org/view.php?id=CVE-2025-7025
05 Aug 2025 — A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose information. Existe un problema de abuso de memoria en Rockwell Automation Arena® Simulation. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1731.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2024-2929 – Rockwell Automation Arena Simulation Vulnerable To Memory Corruption
https://notcve.org/view.php?id=CVE-2024-2929
26 Mar 2024 — A memory corruption vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory triggering an access violation. Once inside, the threat actor can run harmful code on the system. This affects the confidentiality, integrity, and availability of the product. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor. Una vulnerabilidad de corrupción de memor... • https://github.com/Lavender-exe/CVE-2024-29296-PoC • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21920 – Rockwell Automation Arena Simulation Vulnerable To Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-21920
26 Mar 2024 — A memory buffer vulnerability in Rockwell Automation Arena Simulation could potentially let a threat actor read beyond the intended memory boundaries. This could reveal sensitive information and even cause the application to crash, resulting in a denial-of-service condition. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor. Una vulnerabilidad del búfer de memoria en Rockwell Automation Arena Simulation podría permitir que un actor de amenazas lea más allá ... • https://www.rockwellautomation.com/en-us/support/advisory.SD-1665.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21919 – Rockwell Automation Arena Simulation Vulnerable To Uninitialized Pointer
https://notcve.org/view.php?id=CVE-2024-21919
26 Mar 2024 — An uninitialized pointer in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by leveraging the pointer after it is properly. Once inside, the threat actor can run harmful code on the system. This affects the confidentiality, integrity, and availability of the product. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor. Un puntero no inicializado en el software de Rockwell Autom... • https://www.rockwellautomation.com/en-us/support/advisory.SD-1665.html • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21918 – Rockwell Automation Arena Simulation Vulnerable To Memory Corruption
https://notcve.org/view.php?id=CVE-2024-21918
26 Mar 2024 — A memory buffer vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory and triggering an access violation. Once inside, the threat actor can run harmful code on the system. This affects the confidentiality, integrity, and availability of the product. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor. Una vulnerabilidad del búfer de memoria e... • https://www.rockwellautomation.com/en-us/support/advisory.SD-1665.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21913 – Rockwell Automation Arena Simulation Vulnerable To Memory Corruption
https://notcve.org/view.php?id=CVE-2024-21913
26 Mar 2024 — A heap-based memory buffer overflow vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code into the software by overstepping the memory boundaries, which triggers an access violation. Once inside, the threat actor can run harmful code on the system. This affects the confidentiality, integrity, and availability of the product. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor. Una v... • https://www.rockwellautomation.com/en-us/support/advisory.SD-1665.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21912 – Rockwell Automation Arena Simulation vulnerable to out of bounds write
https://notcve.org/view.php?id=CVE-2024-21912
26 Mar 2024 — An arbitrary code execution vulnerability in Rockwell Automation Arena Simulation could let a malicious user insert unauthorized code into the software. This is done by writing beyond the designated memory area, which causes an access violation. Once inside, the threat actor can run harmful code on the system. This affects the confidentiality, integrity, and availability of the product. To trigger this, the user would unwittingly need to open a malicious file shared by the threat actor. • https://www.rockwellautomation.com/en-us/support/advisory.SD-1665.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27858 – Rockwell Automation Arena® Simulation Uninitialized Pointer Vulnerability
https://notcve.org/view.php?id=CVE-2023-27858
27 Oct 2023 — Rockwell Automation Arena Simulation contains an arbitrary code execution vulnerability that could potentially allow a malicious user to commit unauthorized code to the software by using an uninitialized pointer in the application. The threat-actor could then execute malicious code on the system affecting the confidentiality, integrity, and availability of the product. The user would need to open a malicious file provided to them by the attacker for the code to execute. Rockwell Automation Arena Simulation ... • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141145 • CWE-824: Access of Uninitialized Pointer •