Common Weakness Enumeration

CWE-400

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource.

CVE-2025-9092 (GCVE-0-2025-9092)

Vulnerability from cvelistv5 – Published: 2025-08-16 10:29 – Updated: 2025-08-18 18:08
VLAI
Title
Hybrid Module Deployment in Multi-JVM Environments Leading to Resource Exhaustion
Summary
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips (API modules) allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Bouncy Castle for Java - BC-FJA 2.1.0: from BC-FJA 2.1.0 through 2.1.0.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
Impacted products
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9092",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-18T18:08:27.146804Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-18T18:08:35.298Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
          "defaultStatus": "unaffected",
          "modules": [
            "API"
          ],
          "packageName": "bc-fips",
          "platforms": [
            "All"
          ],
          "product": "Bouncy Castle for Java - BC-FJA 2.1.0",
          "programFiles": [
            "org.bouncycastle.crypto.fips.NativeLoader"
          ],
          "vendor": "Legion of the Bouncy Castle Inc.",
          "versions": [
            {
              "lessThanOrEqual": "2.1.0",
              "status": "affected",
              "version": "BC-FJA 2.1.0",
              "versionType": "maven"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips (API modules) allows Excessive Allocation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eorg.Bouncycastle.Crypto.Fips.NativeLoader\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects Bouncy Castle for Java - BC-FJA 2.1.0: from BC-FJA 2.1.0 through 2.1.0.\u003c/p\u003e"
            }
          ],
          "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips (API modules) allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader.\n\nThis issue affects Bouncy Castle for Java - BC-FJA 2.1.0: from BC-FJA 2.1.0 through 2.1.0."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-130",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-130 Excessive Allocation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 1,
            "baseSeverity": "LOW",
            "privilegesRequired": "HIGH",
            "providerUrgency": "GREEN",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "ACTIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/R:U/RE:L/U:Green",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "LOW"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-16T10:29:59.417Z",
        "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "shortName": "bcorg"
      },
      "references": [
        {
          "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%909092"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Hybrid Module Deployment in Multi-JVM Environments Leading to Resource Exhaustion",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Strictly limit the number of JVMs providing services based on BC-FJA 2.1.0 so that effective monitoring and cleanup is possible on the server involved, alternately ensure the module is configured to write its files for native support to a file system with sufficient capacity.\u003cbr\u003e"
            }
          ],
          "value": "Strictly limit the number of JVMs providing services based on BC-FJA 2.1.0 so that effective monitoring and cleanup is possible on the server involved, alternately ensure the module is configured to write its files for native support to a file system with sufficient capacity."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
    "assignerShortName": "bcorg",
    "cveId": "CVE-2025-9092",
    "datePublished": "2025-08-16T10:29:59.417Z",
    "dateReserved": "2025-08-16T10:06:21.717Z",
    "dateUpdated": "2025-08-18T18:08:35.298Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-9278 (GCVE-0-2025-9278)

Vulnerability from cvelistv5 – Published: 2026-01-20 13:55 – Updated: 2026-01-20 16:42
VLAI
Title
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities
Summary
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. After running a Burp Suite active scan, the device loses ICMP connectivity, causing the web application to become inaccessible.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
Impacted products
Vendor Product Version
Rockwell Automation ArmorStart® LT Affected: V2.002 and below
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9278",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-20T16:42:44.056102Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-20T16:42:53.890Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ArmorStart\u00ae LT",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "V2.002 and below"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. After running a Burp Suite active scan, the device loses ICMP connectivity, causing the web application to become inaccessible.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "A security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. After running a Burp Suite active scan, the device loses ICMP connectivity, causing the web application to become inaccessible."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-20T13:55:43.341Z",
        "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "shortName": "Rockwell"
      },
      "references": [
        {
          "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1768.html"
        }
      ],
      "source": {
        "advisory": "SD1768",
        "discovery": "INTERNAL"
      },
      "title": "ArmorStart\u00ae LT - Multiple Denial-of-Service Vulnerabilities",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
    "assignerShortName": "Rockwell",
    "cveId": "CVE-2025-9278",
    "datePublished": "2026-01-20T13:55:43.341Z",
    "dateReserved": "2025-08-20T19:29:53.474Z",
    "dateUpdated": "2026-01-20T16:42:53.890Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-9279 (GCVE-0-2025-9279)

Vulnerability from cvelistv5 – Published: 2026-01-20 13:56 – Updated: 2026-01-20 16:42
VLAI
Title
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities
Summary
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limit Storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
Impacted products
Vendor Product Version
Rockwell Automation ArmorStart® LT Affected: V2.002 and below
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9279",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-20T16:42:07.471951Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-20T16:42:17.413Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ArmorStart\u00ae LT",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "V2.002 and below"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limit Storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "A security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limit Storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-20T13:56:22.609Z",
        "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "shortName": "Rockwell"
      },
      "references": [
        {
          "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1768.html"
        }
      ],
      "source": {
        "advisory": "SD1768",
        "discovery": "INTERNAL"
      },
      "title": "ArmorStart\u00ae LT - Multiple Denial-of-Service Vulnerabilities",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
    "assignerShortName": "Rockwell",
    "cveId": "CVE-2025-9279",
    "datePublished": "2026-01-20T13:56:22.609Z",
    "dateReserved": "2025-08-20T19:36:51.289Z",
    "dateUpdated": "2026-01-20T16:42:17.413Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-9280 (GCVE-0-2025-9280)

Vulnerability from cvelistv5 – Published: 2026-01-20 13:57 – Updated: 2026-01-20 16:39
VLAI
Title
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities
Summary
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. Fuzzing performed using Defensics causes the device to become unresponsive, requiring a reboot.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
Impacted products
Vendor Product Version
Rockwell Automation ArmorStart® LT Affected: V2.002 and below
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9280",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-20T16:39:25.344046Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-20T16:39:32.048Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ArmorStart\u00ae LT",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "V2.002 and below"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. Fuzzing performed using Defensics causes the device to become unresponsive, requiring a reboot.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "A security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. Fuzzing performed using Defensics causes the device to become unresponsive, requiring a reboot."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-20T13:57:02.101Z",
        "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "shortName": "Rockwell"
      },
      "references": [
        {
          "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1768.html"
        }
      ],
      "source": {
        "advisory": "SD1768",
        "discovery": "INTERNAL"
      },
      "title": "ArmorStart\u00ae LT - Multiple Denial-of-Service Vulnerabilities",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
    "assignerShortName": "Rockwell",
    "cveId": "CVE-2025-9280",
    "datePublished": "2026-01-20T13:57:02.101Z",
    "dateReserved": "2025-08-20T19:41:53.395Z",
    "dateUpdated": "2026-01-20T16:39:32.048Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-9281 (GCVE-0-2025-9281)

Vulnerability from cvelistv5 – Published: 2026-01-20 13:58 – Updated: 2026-01-20 16:38
VLAI
Title
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities
Summary
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive step limit storm tests, the device reboots
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
Impacted products
Vendor Product Version
Rockwell Automation ArmorStart® LT Affected: V2.002 and below
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9281",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-20T16:38:34.715542Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-20T16:38:42.562Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ArmorStart\u00ae LT",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "V2.002 and below"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA security issue exists within \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eArmorStart\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u00ae LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive step limit storm tests, the device reboots\u003c/span\u003e\n\n\n\n\n\n\u003cbr\u003e"
            }
          ],
          "value": "A security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive step limit storm tests, the device reboots"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-20T13:58:24.186Z",
        "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "shortName": "Rockwell"
      },
      "references": [
        {
          "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1768.html"
        }
      ],
      "source": {
        "advisory": "SD1768",
        "discovery": "INTERNAL"
      },
      "title": "ArmorStart\u00ae LT - Multiple Denial-of-Service Vulnerabilities",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
    "assignerShortName": "Rockwell",
    "cveId": "CVE-2025-9281",
    "datePublished": "2026-01-20T13:58:24.186Z",
    "dateReserved": "2025-08-20T19:44:00.771Z",
    "dateUpdated": "2026-01-20T16:38:42.562Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-9282 (GCVE-0-2025-9282)

Vulnerability from cvelistv5 – Published: 2026-01-20 13:59 – Updated: 2026-01-20 16:38
VLAI
Title
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities
Summary
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive limited storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
Impacted products
Vendor Product Version
Rockwell Automation ArmorStart® LT Affected: V2.002 and below
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9282",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-20T16:38:12.083145Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-20T16:38:19.864Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ArmorStart\u00ae LT",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "V2.002 and below"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive limited storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "A security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive limited storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-20T13:59:14.640Z",
        "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "shortName": "Rockwell"
      },
      "references": [
        {
          "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1768.html"
        }
      ],
      "source": {
        "advisory": "SD1768",
        "discovery": "INTERNAL"
      },
      "title": "ArmorStart\u00ae LT - Multiple Denial-of-Service Vulnerabilities",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
    "assignerShortName": "Rockwell",
    "cveId": "CVE-2025-9282",
    "datePublished": "2026-01-20T13:59:14.640Z",
    "dateReserved": "2025-08-20T19:46:27.783Z",
    "dateUpdated": "2026-01-20T16:38:19.864Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-9283 (GCVE-0-2025-9283)

Vulnerability from cvelistv5 – Published: 2026-01-20 13:59 – Updated: 2026-01-20 16:37
VLAI
Title
ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities
Summary
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limits Storms tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
Impacted products
Vendor Product Version
Rockwell Automation ArmorStart® LT Affected: V2.002 and below
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9283",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-20T16:37:43.368912Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-20T16:37:50.655Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ArmorStart\u00ae LT",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "V2.002 and below"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limits Storms tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "A security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limits Storms tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-20T13:59:56.732Z",
        "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "shortName": "Rockwell"
      },
      "references": [
        {
          "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1768.html"
        }
      ],
      "source": {
        "advisory": "SD1768",
        "discovery": "INTERNAL"
      },
      "title": "ArmorStart\u00ae LT - Multiple Denial-of-Service Vulnerabilities",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
    "assignerShortName": "Rockwell",
    "cveId": "CVE-2025-9283",
    "datePublished": "2026-01-20T13:59:56.732Z",
    "dateReserved": "2025-08-20T19:48:20.042Z",
    "dateUpdated": "2026-01-20T16:37:50.655Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-9308 (GCVE-0-2025-9308)

Vulnerability from cvelistv5 – Published: 2025-08-21 16:02 – Updated: 2025-08-21 17:32 Unsupported When Assigned
VLAI
Title
yarnpkg Yarn request-manager.js setOptions redos
Summary
A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function setOptions of the file src/util/request-manager.js. Such manipulation leads to inefficient regular expression complexity. Local access is required to approach this attack. This vulnerability only affects products that are no longer supported by the maintainer.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1333 - Inefficient Regular Expression Complexity
  • CWE-400 - Resource Consumption
Assigner
References
URL Tags
https://vuldb.com/?id.320913 vdb-entrytechnical-description
https://vuldb.com/?ctiid.320913 signaturepermissions-required
https://vuldb.com/?submit.633486 third-party-advisory
https://github.com/yarnpkg/yarn/pull/9203 issue-tracking
Impacted products
Vendor Product Version
yarnpkg Yarn Affected: 1.22.0
Affected: 1.22.1
Affected: 1.22.2
Affected: 1.22.3
Affected: 1.22.4
Affected: 1.22.5
Affected: 1.22.6
Affected: 1.22.7
Affected: 1.22.8
Affected: 1.22.9
Affected: 1.22.10
Affected: 1.22.11
Affected: 1.22.12
Affected: 1.22.13
Affected: 1.22.14
Affected: 1.22.15
Affected: 1.22.16
Affected: 1.22.17
Affected: 1.22.18
Affected: 1.22.19
Affected: 1.22.20
Affected: 1.22.21
Affected: 1.22.22
Create a notification for this product.
Credits
mmmsssttt (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9308",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-21T17:24:36.331263Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-21T17:32:14.661Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/yarnpkg/yarn/pull/9203"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Yarn",
          "vendor": "yarnpkg",
          "versions": [
            {
              "status": "affected",
              "version": "1.22.0"
            },
            {
              "status": "affected",
              "version": "1.22.1"
            },
            {
              "status": "affected",
              "version": "1.22.2"
            },
            {
              "status": "affected",
              "version": "1.22.3"
            },
            {
              "status": "affected",
              "version": "1.22.4"
            },
            {
              "status": "affected",
              "version": "1.22.5"
            },
            {
              "status": "affected",
              "version": "1.22.6"
            },
            {
              "status": "affected",
              "version": "1.22.7"
            },
            {
              "status": "affected",
              "version": "1.22.8"
            },
            {
              "status": "affected",
              "version": "1.22.9"
            },
            {
              "status": "affected",
              "version": "1.22.10"
            },
            {
              "status": "affected",
              "version": "1.22.11"
            },
            {
              "status": "affected",
              "version": "1.22.12"
            },
            {
              "status": "affected",
              "version": "1.22.13"
            },
            {
              "status": "affected",
              "version": "1.22.14"
            },
            {
              "status": "affected",
              "version": "1.22.15"
            },
            {
              "status": "affected",
              "version": "1.22.16"
            },
            {
              "status": "affected",
              "version": "1.22.17"
            },
            {
              "status": "affected",
              "version": "1.22.18"
            },
            {
              "status": "affected",
              "version": "1.22.19"
            },
            {
              "status": "affected",
              "version": "1.22.20"
            },
            {
              "status": "affected",
              "version": "1.22.21"
            },
            {
              "status": "affected",
              "version": "1.22.22"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "mmmsssttt (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function setOptions of the file src/util/request-manager.js. Such manipulation leads to inefficient regular expression complexity. Local access is required to approach this attack. This vulnerability only affects products that are no longer supported by the maintainer."
        },
        {
          "lang": "de",
          "value": "Es wurde eine Schwachstelle in yarnpkg Yarn bis 1.22.22 entdeckt. Betroffen hiervon ist die Funktion setOptions der Datei src/util/request-manager.js. Mittels dem Manipulieren mit unbekannten Daten kann eine inefficient regular expression complexity-Schwachstelle ausgenutzt werden. Der Angriff muss auf lokaler Ebene erfolgen."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 1.7,
            "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:ND/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1333",
              "description": "Inefficient Regular Expression Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-21T16:02:12.172Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-320913 | yarnpkg Yarn request-manager.js setOptions redos",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.320913"
        },
        {
          "name": "VDB-320913 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.320913"
        },
        {
          "name": "Submit #633486 | yarn Yarn src/util/request-manager.js v1.22.22 Inefficient Regular Expression Complexity",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.633486"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/yarnpkg/yarn/pull/9203"
        }
      ],
      "tags": [
        "unsupported-when-assigned"
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-08-21T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-08-21T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-08-21T08:03:40.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "yarnpkg Yarn request-manager.js setOptions redos"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-9308",
    "datePublished": "2025-08-21T16:02:12.172Z",
    "dateReserved": "2025-08-21T05:58:24.411Z",
    "dateUpdated": "2025-08-21T17:32:14.661Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-9341 (GCVE-0-2025-9341)

Vulnerability from cvelistv5 – Published: 2025-08-22 09:09 – Updated: 2025-10-24 22:40
VLAI
Title
Garbage collection can delay for AES CBC Native support, resulting in heap exhaustion
Summary
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java, org/bouncycastle/crypto/engines/AESNativeCBC.Java. This issue affects Bouncy Castle for Java FIPS: 2.1.0; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9341",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-22T10:37:49.400627Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-22T10:38:07.000Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
          "defaultStatus": "unaffected",
          "modules": [
            "API"
          ],
          "packageName": "bc-fips",
          "platforms": [
            "All"
          ],
          "product": "Bouncy Castle for Java FIPS",
          "programFiles": [
            "org/bouncycastle/crypto/fips/AESNativeCBC.java"
          ],
          "repo": "ssh://bcgit@git.bouncycastle.org:bc-fips-2.1.X-java.git",
          "vendor": "Legion of the Bouncy Castle Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "2.1.0",
              "versionType": "maven"
            }
          ]
        },
        {
          "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
          "defaultStatus": "unaffected",
          "modules": [
            "API"
          ],
          "packageName": "bcprov-lts8on",
          "platforms": [
            "All"
          ],
          "product": "Bouncy Castle for Java LTS",
          "programFiles": [
            "org/bouncycastle/crypto/engines/AESNativeCBC.java"
          ],
          "repo": "https://github.com/bcgit/bc-lts-java",
          "vendor": "Legion of the Bouncy Castle Inc.",
          "versions": [
            {
              "lessThanOrEqual": "2.73.7",
              "status": "affected",
              "version": "2.73.0",
              "versionType": "maven"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Vulnerability requires rapid creation of short term native CBC services. Issue appears to only occur with some versions of the JVM garbage collector."
            }
          ],
          "value": "Vulnerability requires rapid creation of short term native CBC services. Issue appears to only occur with some versions of the JVM garbage collector."
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:legion_of_the_bouncy_castle_inc.:bouncy_castle_for_java_fips:2.1.0:*:all:*:*:*:*:*",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            },
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:legion_of_the_bouncy_castle_inc.:bouncy_castle_for_java_lts:*:*:all:*:*:*:*:*",
                  "versionEndIncluding": "2.73.7",
                  "versionStartIncluding": "2.73.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003eorg/bouncycastle/crypto/fips/AESNativeCBC.Java\u003c/tt\u003e, \u003ctt\u003eorg/bouncycastle/crypto/engines/AESNativeCBC.Java\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects Bouncy Castle for Java FIPS: 2.1.0; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7.\u003c/p\u003e"
            }
          ],
          "value": "Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java, org/bouncycastle/crypto/engines/AESNativeCBC.Java.\n\nThis issue affects Bouncy Castle for Java FIPS: 2.1.0; Bouncy Castle for Java LTS: from 2.73.0 through 2.73.7."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-130",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-130 Excessive Allocation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "PRESENT",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:P/AU:N/R:U/V:C/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-24T22:40:33.075Z",
        "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "shortName": "bcorg"
      },
      "references": [
        {
          "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%909341"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Garbage collection can delay for AES CBC Native support, resulting in heap exhaustion",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A system that cannot be updated can be made safe by booting the module in java mode and disabling AES-NI support."
            }
          ],
          "value": "A system that cannot be updated can be made safe by booting the module in java mode and disabling AES-NI support."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
    "assignerShortName": "bcorg",
    "cveId": "CVE-2025-9341",
    "datePublished": "2025-08-22T09:09:17.111Z",
    "dateReserved": "2025-08-22T08:45:19.734Z",
    "dateUpdated": "2025-10-24T22:40:33.075Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-9464 (GCVE-0-2025-9464)

Vulnerability from cvelistv5 – Published: 2026-01-20 13:49 – Updated: 2026-01-20 16:01
VLAI
Title
Rockwell Automation ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities
Summary
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. This vulnerability is triggered during fuzzing of multiple CIP classes, which causes the CIP port to become unresponsive.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
Impacted products
Vendor Product Version
Rockwell Automation ArmorStart® LT Affected: V2.002 and below
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9464",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-20T15:56:16.903613Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-20T16:01:58.321Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ArmorStart\u00ae LT",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "V2.002 and below"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. This vulnerability is triggered during fuzzing of multiple CIP classes, which causes the CIP port to become unresponsive.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "A security issue exists within ArmorStart\u00ae LT that can result in a denial-of-service condition. This vulnerability is triggered during fuzzing of multiple CIP classes, which causes the CIP port to become unresponsive."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-20T13:49:19.480Z",
        "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "shortName": "Rockwell"
      },
      "references": [
        {
          "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1768.html"
        }
      ],
      "source": {
        "advisory": "SD1768",
        "discovery": "INTERNAL"
      },
      "title": "Rockwell Automation ArmorStart\u00ae LT - Multiple Denial-of-Service Vulnerabilities",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
    "assignerShortName": "Rockwell",
    "cveId": "CVE-2025-9464",
    "datePublished": "2026-01-20T13:49:19.480Z",
    "dateReserved": "2025-08-25T14:52:39.948Z",
    "dateUpdated": "2026-01-20T16:01:58.321Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation

Phase: Architecture and Design

Description:

  • Design throttling mechanisms into the system architecture. The best protection is to limit the amount of resources that an unauthorized user can cause to be expended. A strong authentication and access control model will help prevent such attacks from occurring in the first place. The login application should be protected against DoS attacks as much as possible. Limiting the database access, perhaps by caching result sets, can help minimize the resources expended. To further limit the potential for a DoS attack, consider tracking the rate of requests received from users and blocking requests that exceed a defined rate threshold.
Mitigation

Phase: Architecture and Design

Description:

  • Mitigation of resource exhaustion attacks requires that the target system either:
  • The first of these solutions is an issue in itself though, since it may allow attackers to prevent the use of the system by a particular valid user. If the attacker impersonates the valid user, they may be able to prevent the user from accessing the server in question.
  • The second solution is simply difficult to effectively institute -- and even when properly done, it does not provide a full solution. It simply makes the attack require more resources on the part of the attacker.
  • recognizes the attack and denies that user further access for a given amount of time, or
  • uniformly throttles all requests in order to make it more difficult to consume resources more quickly than they can again be freed.
Mitigation

Phase: Architecture and Design

Description:

  • Ensure that protocols have specific limits of scale placed on them.
Mitigation

Phase: Implementation

Description:

  • Ensure that all failures in resource allocation place the system into a safe posture.
CAPEC-147: XML Ping of the Death

An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.

CAPEC-227: Sustained Client Engagement

An adversary attempts to deny legitimate users access to a resource by continually engaging a specific resource in an attempt to keep the resource tied up as long as possible. The adversary's primary goal is not to crash or flood the target, which would alert defenders; rather it is to repeatedly perform actions or abuse algorithmic flaws such that a given resource is tied up and not available to a legitimate user. By carefully crafting a requests that keep the resource engaged through what is seemingly benign requests, legitimate users are limited or completely denied access to the resource.

CAPEC-492: Regular Expression Exponential Blowup

An adversary may execute an attack on a program that uses a poor Regular Expression(Regex) implementation by choosing input that results in an extreme situation for the Regex. A typical extreme situation operates at exponential time compared to the input size. This is due to most implementations using a Nondeterministic Finite Automaton(NFA) state machine to be built by the Regex algorithm since NFA allows backtracking and thus more complex regular expressions.

Back to CWE stats page