A security issue exists within Arena® Simulation due to a memory corruption vulnerability in the model.exe (Siman) component. The vulnerability stems from improper validation of user-supplied data, which can result in an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process by convincing a user to open a malicious file.
Project Subscriptions
No data.
Advisories
No advisories yet.
Fixes
Solution
Upgrade to V17.00.01 or later
Workaround
No workaround given by the vendor.
References
History
Tue, 14 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 14 Jul 2026 13:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A security issue exists within Arena® Simulation due to a memory corruption vulnerability in the model.exe (Siman) component. The vulnerability stems from improper validation of user-supplied data, which can result in an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process by convincing a user to open a malicious file. | |
| Title | Rockwell Automation Arena® - Memory Corruption Vulnerability | |
| Weaknesses | CWE-787 | |
| References |
| |
| Metrics |
cvssV4_0
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: Rockwell
Published:
Updated: 2026-07-14T13:51:03.253Z
Reserved: 2026-05-07T12:29:42.256Z
Link: CVE-2026-8085
Updated: 2026-07-14T13:50:58.325Z
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses