Vulnerability Details CVE-2025-7025
A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.3%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2025-7025
-
cpe:2.3:a:rockwellautomation:arena:-
-
cpe:2.3:a:rockwellautomation:arena:10.00.00
-
cpe:2.3:a:rockwellautomation:arena:11.00.00
-
cpe:2.3:a:rockwellautomation:arena:12.00.00
-
cpe:2.3:a:rockwellautomation:arena:13.00.00
-
cpe:2.3:a:rockwellautomation:arena:13.50.00
-
cpe:2.3:a:rockwellautomation:arena:13.90.00
-
cpe:2.3:a:rockwellautomation:arena:14.00.00
-
cpe:2.3:a:rockwellautomation:arena:14.00.01
-
cpe:2.3:a:rockwellautomation:arena:14.50.00
-
cpe:2.3:a:rockwellautomation:arena:14.70.00
-
cpe:2.3:a:rockwellautomation:arena:15.00.00
-
cpe:2.3:a:rockwellautomation:arena:15.10.00
-
cpe:2.3:a:rockwellautomation:arena:15.10.01
-
cpe:2.3:a:rockwellautomation:arena:16.00.00
-
cpe:2.3:a:rockwellautomation:arena:16.00.01
-
cpe:2.3:a:rockwellautomation:arena:16.10.00
-
cpe:2.3:a:rockwellautomation:arena:16.20.00
-
cpe:2.3:a:rockwellautomation:arena:16.20.01
-
cpe:2.3:a:rockwellautomation:arena:16.20.02
-
cpe:2.3:a:rockwellautomation:arena:16.20.03
-
cpe:2.3:a:rockwellautomation:arena:16.20.04
-
cpe:2.3:a:rockwellautomation:arena:16.20.05
-
cpe:2.3:a:rockwellautomation:arena:16.20.06
-
cpe:2.3:a:rockwellautomation:arena:16.20.07
-
cpe:2.3:a:rockwellautomation:arena:16.20.08
-
cpe:2.3:a:rockwellautomation:arena:16.20.09
-
cpe:2.3:a:rockwellautomation:arena:2.00.00
-
cpe:2.3:a:rockwellautomation:arena:2.50.00
-
cpe:2.3:a:rockwellautomation:arena:3.00.00
-
cpe:2.3:a:rockwellautomation:arena:8.01.00
-
cpe:2.3:a:rockwellautomation:arena:9.00.00