CVE-2025-7693 | THREATINT

Description

A security issue exists due to improper handling of malformed CIP Forward Close packets during fuzzing. The controller enters a solid red Fault LED state and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and reports fault code 0xF015. To recover, clear the fault.

PUBLISHED Reserved 2025-07-15 | Published 2025-08-18 | Updated 2025-08-18 | Assigner Rockwell

CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-20: Improper Input Validation

Product status

Default status

unaffected

V20.011 - V22.011

affected

References

www.rockwellautomation.com/...dvisories/advisory.SD1736.html

cve.org (CVE-2025-7693)

nvd.nist.gov (CVE-2025-7693)

Download JSON