216.73.216.86

CVE-2025-3289

· Published 08/04/2025 16:15 · Modified 08/04/2025 18:13

Labels: CVE-2025-3289 2025-04-08CVE-2025-3289[email protected]

Essential information

Published
08/04/2025 16:15
Modified
08/04/2025 18:13
Author
Creator
CISA KEV
No
CWE

Description

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References