Primary

Context

Rockwell Automation Arena Simulation Memory Corruption Vulnerability Allowing Code Execution

Vulnerability

Patched

A memory abuse vulnerability has been identified in Rockwell Automation Arena Simulation versions through 16.20.09. This issue allows a custom file to manipulate Arena Simulation into reading and writing beyond the allocated memory boundaries. Exploitation of this vulnerability requires user interaction, such as opening a malicious file or visiting a harmful webpage. If successfully exploited, it could lead to arbitrary code execution or unauthorized information disclosure.

Impact

Exploitation of this vulnerability could result in arbitrary code execution or unauthorized information disclosure.

Remediation

Users are advised to update to Arena Simulation version 16.20.10 or later. For those unable to upgrade, it is recommended to apply general security best practices.

Added: Aug 5, 2025, 4:03 PM

Updated: Aug 5, 2025, 4:03 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.4

remediation

7.9

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.4

remediation

7.9

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Rockwell Automation Arena Simulation Memory Corruption Vulnerability Allowing Code Execution

Vulnerability

Impact

Remediation

Affected Products

Rockwell Automation Arena Simulation

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating