Description

A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault with a solid red Fault LED and becomes unresponsive. After a power cycle, the controller enters a recoverable fault in which the MS LED and Fault LED flash red and the controller reports fault code 0xF019. To recover, clear the fault.

PUBLISHED Reserved 2025-12-01 | Published 2025-12-15 | Updated 2025-12-15 | Assigner Rockwell




HIGH: 8.7 | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-763: Release of Invalid Pointer or Reference

Product status

Default status
unaffected

V23.011 and below
affected

V12.013 and lower
affected

V14.011 and lower
affected

References

www.rockwellautomation.com/...dvisories/advisory.SD1766.html

cve.org (CVE-2025-13824)

nvd.nist.gov (CVE-2025-13824)

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.