Memory Abuse Vulnerability in Rockwell Automation Arena® Simulation
CVE-2025-7033

8.4HIGH

Key Information:

Vendor: Rockwell Automation
Status: Arena® Simulation
Vendor: CVE Published:; 5 August 2025

🔔 Create Rockwell Automation Vulnerability Alert

What is CVE-2025-7033?

A memory abuse vulnerability exists in Rockwell Automation's Arena® Simulation software, which could lead to unauthorized memory access. By exploiting this vulnerability, a malicious user may craft a custom file that triggers the software to read and write beyond the allocated memory boundaries. This exploitation typically requires the user to take action, such as opening a compromised file or visiting a malicious webpage. If successfully executed, this could allow the attacker to run arbitrary code or gain access to sensitive information stored in memory.

Affected Version(s)

Arena® Simulation 16.20.09 and prior

References

https://www.rockwellautomation.com/en-us/trust-center/sec...

CVSS V4

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 5, 2025
Vulnerability Reserved
Jul 2, 2025