CVE-2025-6376 – Rockwell Automation Arena® Remote Code Execution Vulnerability

CVE ID : CVE-2025-6376

Published : July 9, 2025, 9:15 p.m. | 51 minutes ago

Description : A remote
code execution security issue exists in the Rockwell Automation Arena®.  A crafted DOE
file can force Arena Simulation to write beyond the boundaries of an allocated
object. Exploitation
requires user interaction, such as opening a malicious file within the software.
If exploited, a threat actor could execute arbitrary code on the target system.
The software must run under the context of the administrator in order to cause
worse case impact. This is reflected in the Rockwell CVSS score, as AT:P.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…