CVE-2025-3285 in ArenaИнформация

Сводка

по MITRE • 08.04.2025

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data.  If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file.

Once again VulDB remains the best source for vulnerability data.

Ответственный

Rockwell

Резервировать

04.04.2025

Раскрытие

08.04.2025

Модерация

принято

Вход

VDB-303853

EPSS

0.00273

KEV

Нет

Деятельности

Очень низкий

Источники

Do you know our Splunk app?

Download it now for free!