CVE-2025-11918: 
NixOS vulnerability analysis and mitigation

Rockwell Automation Arena® Simulation software contains a stack-based buffer overflow vulnerability (CVE-2025-11918) discovered on November 14, 2025. The vulnerability affects Arena® Simulation version 16.20.10 and prior versions. The flaw exists within the parsing of DOE files, allowing local attackers to potentially execute arbitrary code on affected installations (Rockwell Advisory).

The vulnerability is classified as a stack-based buffer overflow (CWE-121) with a CVSS 4.0 Base Score of 7.1 (HIGH) and CVSS 3.1 Base Score of 7.0. The vulnerability vector string for CVSS 4.0 is CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N, indicating local access is required with high attack complexity (Rockwell Advisory).

If successfully exploited, this vulnerability could allow local attackers to execute arbitrary code on affected installations of Arena® Simulation. The execution would occur in the context of the current user when opening a malicious DOE file (Rockwell Advisory).

Rockwell Automation has released version 16.20.11 to address this vulnerability. Users are advised to upgrade to version 16.20.11 or later. For customers unable to upgrade immediately, Rockwell recommends following their security best practices (Rockwell Advisory).

The vulnerability was initially reported by security researcher Michael Heinzl, demonstrating Rockwell Automation's commitment to customer transparency and improvement of business environments (Rockwell Advisory).