Unrated severityNVD Advisory· Published Apr 8, 2025· Updated Apr 8, 2025
Local Code Execution Vulnerability in Arena®
CVE-2025-3285
Description
A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 16.20.08 and earlier
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.