Multiple SAP Products Vulnerabilities
July 14, 2025Multiple IBM Products Vulnerabilities
July 14, 2025Multiple SAP Products Vulnerabilities
July 14, 2025Multiple IBM Products Vulnerabilities
July 14, 2025Severity
High
Analysis Summary
CVE-2025-6376 CVSS:7.1
Rockwell Automation Arena Simulation could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write vulnerability. By persuading a victim to open a specially crafted DOE file , an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2025-6377 CVSS:7.1
Rockwell Automation Arena Simulation could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write vulnerability. By persuading a victim to open a specially crafted DOE file , an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators of Compromise
CVE
CVE-2025-6376
CVE-2025-6377
Affected Vendors
Affected Products
- Rockwell Automation Arena 16.20.08
Remediation
Upgrade to the latest version of Arena Simulation, available from the Rockwell Automation Security Advisory.