Description
A security issue exists within Arena® Simulation due to a memory corruption vulnerability in the model.exe (Siman) component. The vulnerability stems from improper validation of user-supplied data, which can result in an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process by convincing a user to open a malicious file.
No analysis available yet.
Remediation
Vendor Solution
Upgrade to V17.00.01 or later
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Tue, 14 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 14 Jul 2026 13:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A security issue exists within Arena® Simulation due to a memory corruption vulnerability in the model.exe (Siman) component. The vulnerability stems from improper validation of user-supplied data, which can result in an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process by convincing a user to open a malicious file. | |
| Title | Rockwell Automation Arena® - Memory Corruption Vulnerability | |
| Weaknesses | CWE-787 | |
| References |
| |
| Metrics |
cvssV4_0
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: Rockwell
Published:
Updated: 2026-07-14T13:51:03.253Z
Reserved: 2026-05-07T12:29:42.256Z
Link: CVE-2026-8085
Updated: 2026-07-14T13:50:58.325Z
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-787
Out-of-bounds Write