Refine your search
2 vulnerabilities found for by rockwellautomation
CVE-2025-11918 (GCVE-0-2025-11918)
Vulnerability from cvelistv5
Published
2025-11-14 13:28
Modified
2025-11-14 15:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
Rockwell Automation Arena® suffers from a
stack-based buffer overflow vulnerability. The specific flaw exists within the
parsing of DOE files. Local attackers are able to exploit this issue to
potentially execute arbitrary code on affected installations of Arena®. Exploiting
the vulnerability requires opening a malicious DOE file.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Rockwell Automation | Arena® Simulation |
Version: Version 16.20.10 and prior |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11918",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-14T15:44:06.869099Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T15:44:16.712Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arena\u00ae Simulation",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "Version 16.20.10 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Rockwell Automation Arena\u00ae suffers from a\nstack-based buffer overflow vulnerability. The specific flaw exists within the\nparsing of DOE files. Local attackers are able to exploit this issue to\npotentially execute arbitrary code on affected installations of Arena\u00ae. Exploiting\nthe vulnerability requires opening a malicious DOE file.\n\n\n\n\u003cbr\u003e"
}
],
"value": "Rockwell Automation Arena\u00ae suffers from a\nstack-based buffer overflow vulnerability. The specific flaw exists within the\nparsing of DOE files. Local attackers are able to exploit this issue to\npotentially execute arbitrary code on affected installations of Arena\u00ae. Exploiting\nthe vulnerability requires opening a malicious DOE file."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T13:28:39.453Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1763.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112\u0026amp;mode=3\u0026amp;refSoft=1\u0026amp;versions=66110\"\u003eUpgrade\nto version 16.20.11 and later\u003c/a\u003e"
}
],
"value": "Upgrade\nto version 16.20.11 and later"
}
],
"source": {
"advisory": "SD1763",
"discovery": "EXTERNAL"
},
"title": "Rockwell Automation Arena\u00ae Simulation Stack-Based Buffer Overflow Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2025-11918",
"datePublished": "2025-11-14T13:28:39.453Z",
"dateReserved": "2025-10-17T14:31:53.014Z",
"dateUpdated": "2025-11-14T15:44:16.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2014-5410 (GCVE-0-2014-5410)
Vulnerability from cvelistv5
Published
2014-10-03 18:00
Modified
2025-11-04 22:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Rockwell Automation | Allen-Bradley MicroLogix 1400 |
Version: 0 < Version: 0 < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:49.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-254-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Allen-Bradley MicroLogix 1400",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "1766-Lxxxxx Series A FRN 7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "1766-Lxxxxx Series B FRN 15.000",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "Series B FRN 15.001 or higher"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthew Luallen of CYBATI"
}
],
"datePublic": "2014-09-30T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line.\u003c/p\u003e"
}
],
"value": "The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line."
}
],
"metrics": [
{
"cvssV2_0": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-04T22:30:19.113Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-254-02"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-254-02.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eRockwell Automation has released a new version of MicroLogix 1400 \nSeries B firmware to address the vulnerability and reduce associated \nrisk to successful exploitation. Subsequent versions of MicroLogix 1400 \nSeries B firmware and newer will incorporate these same enhancements.\u003c/p\u003e\n\u003cp\u003eRockwell Automation recommends the following immediate mitigation \nstrategies (when possible, multiple strategies should be employed \nsimultaneously):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade all MicroLogix 1400 Series B controllers to Series B FRN \n15.001 or higher. Current firmware for the MicroLogix 1400 Series B \nplatform can be obtained at the following web address:\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.rockwellautomation.com/rockwellautomation/support/pcdc.page\"\u003ehttp://www.rockwellautomation.com/rockwellautomation/support/pcdc.page\u003c/a\u003e\u003c/p\u003e\n\n\n\u003cp\u003ePlease refer to Rockwell Automation\u2019s product disclosure (AID 620295) for more information on this topic available at:\u003c/p\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295\"\u003ehttps://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Rockwell Automation has released a new version of MicroLogix 1400 \nSeries B firmware to address the vulnerability and reduce associated \nrisk to successful exploitation. Subsequent versions of MicroLogix 1400 \nSeries B firmware and newer will incorporate these same enhancements.\n\n\nRockwell Automation recommends the following immediate mitigation \nstrategies (when possible, multiple strategies should be employed \nsimultaneously):\n\n\n\n * Upgrade all MicroLogix 1400 Series B controllers to Series B FRN \n15.001 or higher. Current firmware for the MicroLogix 1400 Series B \nplatform can be obtained at the following web address:\n\n\n\n\n http://www.rockwellautomation.com/rockwellautomation/support/pcdc.page \n\n\n\n\nPlease refer to Rockwell Automation\u2019s product disclosure (AID 620295) for more information on this topic available at:\n\n\n https://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295"
}
],
"source": {
"advisory": "ICSA-14-254-02",
"discovery": "EXTERNAL"
},
"title": "Rockwell Automation Micrologix 1400 Improper Input Validation",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUsers with Series A and Series B controllers are also recommended to apply the following risk mitigations:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDo not enable DNP3 communication in the product unless required.\u003c/li\u003e\n\u003cli\u003eWhere appropriate, prohibit DNP3 communication that originates \noutside the perimeter of the manufacturing zone from entry into the zone\n by blocking communication directed at Ethernet communication Port \n20000/TCP* and 20000/UDP* using appropriate security technology (e.g., a\n firewall, UTM devices, or other security appliance)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; *Note: Ports 20000/TCP and 20000/UDP are factory defaults \nas per the DNP3 specification but can be reconfigured by the product \nowner.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEmploy firewalls with ingress/egress filtering, intrusion \ndetection/prevention systems, and validate all configurations. Evaluate \nfirewall configurations to ensure other appropriate inbound and outbound\n traffic is blocked.\u003c/li\u003e\n\u003cli\u003eRestrict physical and electronic access to automation products, \nnetworks, and systems to only those individuals authorized to be in \ncontact with control system equipment.\u003c/li\u003e\u003cli\u003eEmploy layered security, defense-in-depth methods and network \nsegregation and segmentation practices in system design to restrict and \ncontrol access to individual products and control networks. Refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.ab.com/networks/architectures.html%20\"\u003ehttp://www.ab.com/networks/architectures.html\u003c/a\u003e\u0026nbsp;for comprehensive information about implementing validated architectures designed to deliver these measures.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease refer to Rockwell Automation\u2019s product disclosure (AID 620295) for more information on this topic available at:\u003c/p\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295\"\u003ehttps://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Users with Series A and Series B controllers are also recommended to apply the following risk mitigations:\n\n\n\n * Do not enable DNP3 communication in the product unless required.\n\n * Where appropriate, prohibit DNP3 communication that originates \noutside the perimeter of the manufacturing zone from entry into the zone\n by blocking communication directed at Ethernet communication Port \n20000/TCP* and 20000/UDP* using appropriate security technology (e.g., a\n firewall, UTM devices, or other security appliance)\n\n\n\n\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 *Note: Ports 20000/TCP and 20000/UDP are factory defaults \nas per the DNP3 specification but can be reconfigured by the product \nowner.\n\n\n\n * Employ firewalls with ingress/egress filtering, intrusion \ndetection/prevention systems, and validate all configurations. Evaluate \nfirewall configurations to ensure other appropriate inbound and outbound\n traffic is blocked.\n\n * Restrict physical and electronic access to automation products, \nnetworks, and systems to only those individuals authorized to be in \ncontact with control system equipment.\n * Employ layered security, defense-in-depth methods and network \nsegregation and segmentation practices in system design to restrict and \ncontrol access to individual products and control networks. Refer to http://www.ab.com/networks/architectures.html http://www.ab.com/networks/architectures.html%20 \u00a0for comprehensive information about implementing validated architectures designed to deliver these measures.\n\n\n\n\nPlease refer to Rockwell Automation\u2019s product disclosure (AID 620295) for more information on this topic available at:\n\n\n https://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295"
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-5410",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-254-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-254-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2014-5410",
"datePublished": "2014-10-03T18:00:00",
"dateReserved": "2014-08-22T00:00:00",
"dateUpdated": "2025-11-04T22:30:19.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}