VYPR

Arena Simulation

by Rockwellautomation

CVEs (15)

  • CVE-2024-2929HigMar 26, 2024
    risk 0.51cvss 7.8epss 0.00

    A memory corruption vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory triggering an access violation. Once inside, the threat actor can run harmful code…

  • CVE-2024-21919HigMar 26, 2024
    risk 0.51cvss 7.8epss 0.00

    An uninitialized pointer in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by leveraging the pointer after it is properly. Once inside, the threat actor can run harmful code on the system. This…

  • CVE-2024-21918HigMar 26, 2024
    risk 0.51cvss 7.8epss 0.00

    A memory buffer vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory and triggering an access violation. Once inside, the threat actor can run harmful code…

  • CVE-2024-21913HigMar 26, 2024
    risk 0.51cvss 7.8epss 0.00

    A heap-based memory buffer overflow vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code into the software by overstepping the memory boundaries, which triggers an access violation. Once inside, the…

  • CVE-2024-21912HigMar 26, 2024
    risk 0.51cvss 7.8epss 0.00

    An arbitrary code execution vulnerability in Rockwell Automation Arena Simulation could let a malicious user insert unauthorized code into the software. This is done by writing beyond the designated memory area, which causes an access violation. Once inside, the threat actor…

  • CVE-2023-27858HigOct 27, 2023
    risk 0.51cvss 7.8epss 0.00

    Rockwell Automation Arena Simulation contains an arbitrary code execution vulnerability that could potentially allow a malicious user to commit unauthorized code to the software by using an uninitialized pointer in the application.  The threat-actor could then execute…

  • CVE-2023-27854HigOct 27, 2023
    risk 0.51cvss 7.8epss 0.00

    An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow.  The threat-actor could then execute…

  • CVE-2023-29462HigMay 9, 2023
    risk 0.51cvss 7.8epss 0.01

    An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. …

  • CVE-2023-29461HigMay 9, 2023
    risk 0.51cvss 7.8epss 0.01

    An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. …

  • CVE-2023-29460HigMay 9, 2023
    risk 0.51cvss 7.8epss 0.01

    An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow potentially resulting in a…

  • CVE-2024-21920MedMar 26, 2024
    risk 0.29cvss 4.4epss 0.00

    A memory buffer vulnerability in Rockwell Automation Arena Simulation could potentially let a threat actor read beyond the intended memory boundaries. This could reveal sensitive information and even cause the application to crash, resulting in a denial-of-service condition.…

  • CVE-2025-11918Nov 14, 2025
    risk 0.00cvss epss 0.00

    Rockwell Automation Arena® suffers from a stack-based buffer overflow vulnerability. The specific flaw exists within the parsing of DOE files. Local attackers are able to exploit this issue to potentially execute arbitrary code on affected installations of Arena®. Exploiting…

  • CVE-2025-7033Aug 5, 2025
    risk 0.00cvss epss 0.00

    A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute…

  • CVE-2025-7032Aug 5, 2025
    risk 0.00cvss epss 0.00

    A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute…

  • CVE-2025-7025Aug 5, 2025
    risk 0.00cvss epss 0.00

    A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute…