CVE-2025-7033 | THREATINT

Description

A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose information.

PUBLISHED Reserved 2025-07-02 | Published 2025-08-05 | Updated 2026-02-26 | Assigner Rockwell

HIGH: 8.4CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-122: Heap-based Buffer Overflow

Product status

Default status

unaffected

16.20.09 and prior

affected

References

www.rockwellautomation.com/...dvisories/advisory.SD1731.html

cve.org (CVE-2025-7033)

nvd.nist.gov (CVE-2025-7033)

Download JSON