Multiple vulnerabilities in Rockwell Automation Arena
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 11 |
| CVE-ID | CVE-2025-2285 CVE-2025-2286 CVE-2025-2287 CVE-2025-2288 CVE-2025-2293 CVE-2025-2829 CVE-2025-3285 CVE-2025-3286 CVE-2025-3287 CVE-2025-3288 CVE-2025-3289 |
| CWE-ID | CWE-457 CWE-787 CWE-125 CWE-121 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Arena Server applications / Virtualization software |
| Vendor | Rockwell Automation |
Security Bulletin
This security bulletin contains information about 11 vulnerabilities.
1) Use of Uninitialized Variable
EUVDB-ID: #VU107409
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-2285
CWE-ID:
CWE-457 - Use of Uninitialized Variable
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an uninitialized pointer. A remote attacker can trick a victim to open a specially crafted DOE file and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsArena: 16.20.08 and previous versions
CPE2.3- cpe:2.3:a:rockwell_automation:arena:*:*:*:*:*:*:*:*
- cpe:2.3:a:rockwell_automation:arena:16.20.08:*:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-07
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Use of Uninitialized Variable
EUVDB-ID: #VU107410
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-2286
CWE-ID:
CWE-457 - Use of Uninitialized Variable
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an uninitialized pointer. A remote attacker can trick a victim to open a specially crafted DOE file and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsArena: 16.20.08 and previous versions
CPE2.3- cpe:2.3:a:rockwell_automation:arena:*:*:*:*:*:*:*:*
- cpe:2.3:a:rockwell_automation:arena:16.20.08:*:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-07
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Use of Uninitialized Variable
EUVDB-ID: #VU107412
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-2287
CWE-ID:
CWE-457 - Use of Uninitialized Variable
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an uninitialized pointer. A remote attacker can trick a victim to open a specially crafted DOE file and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsArena: 16.20.08 and previous versions
CPE2.3- cpe:2.3:a:rockwell_automation:arena:*:*:*:*:*:*:*:*
- cpe:2.3:a:rockwell_automation:arena:16.20.08:*:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-07
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds write
EUVDB-ID: #VU107414
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-2288
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can create a specially crafted DOE file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsArena: 16.20.08 and previous versions
CPE2.3- cpe:2.3:a:rockwell_automation:arena:*:*:*:*:*:*:*:*
- cpe:2.3:a:rockwell_automation:arena:16.20.08:*:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-07
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Out-of-bounds write
EUVDB-ID: #VU107415
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-2293
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can create a specially crafted DOE file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsArena: 16.20.08 and previous versions
CPE2.3- cpe:2.3:a:rockwell_automation:arena:*:*:*:*:*:*:*:*
- cpe:2.3:a:rockwell_automation:arena:16.20.08:*:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-07
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds write
EUVDB-ID: #VU107417
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-2829
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can create a specially crafted DOE file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsArena: 16.20.08 and previous versions
CPE2.3- cpe:2.3:a:rockwell_automation:arena:*:*:*:*:*:*:*:*
- cpe:2.3:a:rockwell_automation:arena:16.20.08:*:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-07
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Out-of-bounds read
EUVDB-ID: #VU107419
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-3285
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted DOE file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system, leading to arbitrary code execution.
MitigationInstall updates from vendor's website.
Vulnerable software versionsArena: 16.20.08 and previous versions
CPE2.3- cpe:2.3:a:rockwell_automation:arena:*:*:*:*:*:*:*:*
- cpe:2.3:a:rockwell_automation:arena:16.20.08:*:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-07
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Out-of-bounds read
EUVDB-ID: #VU107421
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-3286
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted DOE file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system, leading to arbitrary code execution.
MitigationInstall updates from vendor's website.
Vulnerable software versionsArena: 16.20.08 and previous versions
CPE2.3- cpe:2.3:a:rockwell_automation:arena:*:*:*:*:*:*:*:*
- cpe:2.3:a:rockwell_automation:arena:16.20.08:*:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-07
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Out-of-bounds read
EUVDB-ID: #VU107422
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-3287
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted DOE file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system, leading to arbitrary code execution.
MitigationInstall updates from vendor's website.
Vulnerable software versionsArena: 16.20.08 and previous versions
CPE2.3- cpe:2.3:a:rockwell_automation:arena:*:*:*:*:*:*:*:*
- cpe:2.3:a:rockwell_automation:arena:16.20.08:*:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-07
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Out-of-bounds read
EUVDB-ID: #VU107423
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-3288
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted DOE file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system, leading to arbitrary code execution.
MitigationInstall updates from vendor's website.
Vulnerable software versionsArena: 16.20.08 and previous versions
CPE2.3- cpe:2.3:a:rockwell_automation:arena:*:*:*:*:*:*:*:*
- cpe:2.3:a:rockwell_automation:arena:16.20.08:*:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-07
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Stack-based buffer overflow
EUVDB-ID: #VU107424
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-3289
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote unauthenticated attacker can trick a victim to open a specially crafted DOE file, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsArena: 16.20.08 and previous versions
CPE2.3- cpe:2.3:a:rockwell_automation:arena:*:*:*:*:*:*:*:*
- cpe:2.3:a:rockwell_automation:arena:16.20.08:*:*:*:*:*:*:*
https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-07
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
