CVE-2025-7353 | THREATINT

Description

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow.

PUBLISHED Reserved 2025-07-08 | Published 2025-08-14 | Updated 2025-08-15 | Assigner Rockwell

CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-1188: Initialization of a Resource with an Insecure Default

Product status

Default status

unaffected

Version 11.004 or below

affected

Default status

unaffected

Version 11.004 or below

affected

Default status

unaffected

Version 11.004 or below

affected

Default status

unaffected

Version 11.004 or below

affected

Default status

unaffected

Version 11.004 or below

affected

References

www.rockwellautomation.com/...dvisories/advisory.SD1732.html

cve.org (CVE-2025-7353)

nvd.nist.gov (CVE-2025-7353)

Download JSON

help @ threatint.eu