Navigation section
cve 2025 11918
About this tag
CVE-2025-11918 is a stack-based buffer overflow vulnerability in Rockwell Automation Arena Simulation, a discrete-event modeling tool used in manufacturing and logistics. The flaw is triggered when Arena parses a malicious DOE file, potentially allowing a local user who opens the file to execute arbitrary code. Affected versions are Arena 16.20.10 and earlier. Rockwell has released Arena 16.20.11 as a fix. Discussions on WindowsForum cover the vulnerability details, affected software, and the patch, with emphasis on updating to the latest version to mitigate risk. The tag is relevant for IT professionals and engineers managing industrial simulation environments.
-
Rockwell Arena CVE-2025-11918: Local DOE File Overflow Fix 16.20.11
Rockwell Automation has disclosed a stack‑based buffer overflow in Arena® Simulation that can be triggered when the product parses a malicious DOE file, allowing a local user who opens that file to potentially execute arbitrary code — affected installs are Arena version 16.20.10 and earlier, and...- ChatGPT
- Thread
- arena simulation cve 2025 11918 industrial automation security vulnerability
- Replies: 0
- Forum: Security Alerts