Refine your search
7 vulnerabilities found for by Rockwell Automation
CVE-2025-11918 (GCVE-0-2025-11918)
Vulnerability from cvelistv5
Published
2025-11-14 13:28
Modified
2025-11-14 15:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
Rockwell Automation Arena® suffers from a
stack-based buffer overflow vulnerability. The specific flaw exists within the
parsing of DOE files. Local attackers are able to exploit this issue to
potentially execute arbitrary code on affected installations of Arena®. Exploiting
the vulnerability requires opening a malicious DOE file.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Rockwell Automation | Arena® Simulation |
Version: Version 16.20.10 and prior |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11918",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-14T15:44:06.869099Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T15:44:16.712Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arena\u00ae Simulation",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "Version 16.20.10 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Rockwell Automation Arena\u00ae suffers from a\nstack-based buffer overflow vulnerability. The specific flaw exists within the\nparsing of DOE files. Local attackers are able to exploit this issue to\npotentially execute arbitrary code on affected installations of Arena\u00ae. Exploiting\nthe vulnerability requires opening a malicious DOE file.\n\n\n\n\u003cbr\u003e"
}
],
"value": "Rockwell Automation Arena\u00ae suffers from a\nstack-based buffer overflow vulnerability. The specific flaw exists within the\nparsing of DOE files. Local attackers are able to exploit this issue to\npotentially execute arbitrary code on affected installations of Arena\u00ae. Exploiting\nthe vulnerability requires opening a malicious DOE file."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T13:28:39.453Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1763.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112\u0026amp;mode=3\u0026amp;refSoft=1\u0026amp;versions=66110\"\u003eUpgrade\nto version 16.20.11 and later\u003c/a\u003e"
}
],
"value": "Upgrade\nto version 16.20.11 and later"
}
],
"source": {
"advisory": "SD1763",
"discovery": "EXTERNAL"
},
"title": "Rockwell Automation Arena\u00ae Simulation Stack-Based Buffer Overflow Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2025-11918",
"datePublished": "2025-11-14T13:28:39.453Z",
"dateReserved": "2025-10-17T14:31:53.014Z",
"dateUpdated": "2025-11-14T15:44:16.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11697 (GCVE-0-2025-11697)
Vulnerability from cvelistv5
Published
2025-11-11 13:49
Modified
2025-11-12 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
A local code execution security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Rockwell Automation | Studio 5000 ® Simulation Interface |
Version: 2.02 and prior |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11697",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T14:54:28.508331Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T20:03:12.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Studio 5000 \u00ae Simulation Interface",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "2.02 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA local code execution security issue exists within Studio 5000\u00ae Simulation Interface\u2122 via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot.\u003c/span\u003e"
}
],
"value": "A local code execution security issue exists within Studio 5000\u00ae Simulation Interface\u2122 via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T13:49:49.524Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1760.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112\u0026amp;mode=3\u0026amp;refSoft=1\u0026amp;versions=66076\"\u003e3.0.0\u003cdiv\u003e\u003c/div\u003e\u003c/a\u003e"
}
],
"value": "3.0.0\n\n https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx"
}
],
"source": {
"advisory": "SD1760",
"discovery": "INTERNAL"
},
"title": "Studio 5000 \u00ae Simulation Interface Local Code Execution",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2025-11697",
"datePublished": "2025-11-11T13:49:49.524Z",
"dateReserved": "2025-10-13T16:22:55.094Z",
"dateUpdated": "2025-11-12T20:03:12.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11696 (GCVE-0-2025-11696)
Vulnerability from cvelistv5
Published
2025-11-11 13:47
Modified
2025-11-12 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
A local server-side request forgery (SSRF) security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Rockwell Automation | Studio 5000® Simulation Interface™ |
Version: 2.02 and prior |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11696",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T14:54:32.704212Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T20:03:19.564Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Studio 5000\u00ae Simulation Interface\u2122",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "2.02 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA local server-side request forgery (SSRF) security issue exists within Studio 5000\u00ae Simulation Interface\u2122 via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes.\u003c/span\u003e"
}
],
"value": "A local server-side request forgery (SSRF) security issue exists within Studio 5000\u00ae Simulation Interface\u2122 via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T13:47:10.872Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1760.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112\u0026amp;mode=3\u0026amp;refSoft=1\u0026amp;versions=66076\"\u003e3.0.0\u003cdiv\u003e\u003c/div\u003e\u003c/a\u003e"
}
],
"value": "3.0.0\n\n https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx"
}
],
"source": {
"advisory": "SD1760",
"discovery": "INTERNAL"
},
"title": "Studio 5000 \u00ae Simulation Interface SSRF",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2025-11696",
"datePublished": "2025-11-11T13:47:10.872Z",
"dateReserved": "2025-10-13T16:22:27.307Z",
"dateUpdated": "2025-11-12T20:03:19.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11862 (GCVE-0-2025-11862)
Vulnerability from cvelistv5
Published
2025-11-11 13:43
Modified
2025-11-12 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-863 - Incorrect Authorization
Summary
A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users to read, update, and delete users via the API.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Rockwell Automation | Verve Asset Manager |
Version: 1.33, 1.34, 1.35, 1.36, 1.37, 1.38, 1.39, 1.40, 1.41, 1.41.1, 1.41.2, 1.41.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11862",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T14:54:41.943666Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T20:03:32.814Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Verve Asset Manager",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "1.33, 1.34, 1.35, 1.36, 1.37, 1.38, 1.39, 1.40, 1.41, 1.41.1, 1.41.2, 1.41.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA security issue was discovered within Verve Asset Manager allowing unauthorized read-only users to read, update, and delete users via the API.\u003c/span\u003e"
}
],
"value": "A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users to read, update, and delete users via the API."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:L/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T13:43:10.584Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1759.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e1.41.4, 1.42\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "1.41.4, 1.42"
}
],
"source": {
"advisory": "SD1759",
"discovery": "INTERNAL"
},
"title": "Verve Asset Manager Access Control Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2025-11862",
"datePublished": "2025-11-11T13:43:10.584Z",
"dateReserved": "2025-10-16T14:02:52.210Z",
"dateUpdated": "2025-11-12T20:03:32.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11085 (GCVE-0-2025-11085)
Vulnerability from cvelistv5
Published
2025-11-11 13:35
Modified
2025-11-12 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-116 - Improper Encoding or Escaping of Output
Summary
A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Rockwell Automation | FactoryTalk® DataMosaix™ Private Cloud |
Version: 7.11, 8.00 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11085",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T14:54:46.579950Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T20:03:39.563Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FactoryTalk\u00ae DataMosaix\u2122 Private Cloud",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "7.11, 8.00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A security issue exists within DataMosaix\u2122 Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website.\u0026nbsp;\u003cbr\u003e"
}
],
"value": "A security issue exists within DataMosaix\u2122 Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-116",
"description": "CWE-116: Improper Encoding or Escaping of Output",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T13:35:19.060Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1758.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112\u0026amp;mode=3\u0026amp;refSoft=1\u0026amp;versions=66010\"\u003e8.01\u003c/a\u003e\n\n\u003cbr\u003e"
}
],
"value": "8.01 https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx"
}
],
"source": {
"advisory": "SD1758",
"discovery": "INTERNAL"
},
"title": "FactoryTalk\u00ae DataMosaix\u2122 Private Cloud \u2013 Persistent XSS",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2025-11085",
"datePublished": "2025-11-11T13:35:19.060Z",
"dateReserved": "2025-09-26T14:50:21.710Z",
"dateUpdated": "2025-11-12T20:03:39.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11084 (GCVE-0-2025-11084)
Vulnerability from cvelistv5
Published
2025-11-11 13:26
Modified
2025-11-12 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1390 - Weak Authentication
Summary
A security issue exists within DataMosaix™ Private Cloud, allowing attackers to bypass MFA during setup and obtain a valid login-token cookie without knowing the users password. This vulnerability occurs when MFA is enabled but not completed within a 7-day period.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Rockwell Automation | FactoryTalk® DataMosaix™ Private Cloud |
Version: 7.11, 8.00, 8.01 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11084",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T14:54:57.028772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T20:03:55.391Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FactoryTalk\u00ae DataMosaix\u2122 Private Cloud",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "7.11, 8.00, 8.01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA security issue exists within DataMosaix\u2122 Private Cloud, allowing attackers to bypass MFA during setup and obtain a valid login-token cookie without knowing the users password. This vulnerability occurs when MFA is enabled but not completed within a 7-day period.\u003c/span\u003e"
}
],
"value": "A security issue exists within DataMosaix\u2122 Private Cloud, allowing attackers to bypass MFA during setup and obtain a valid login-token cookie without knowing the users password. This vulnerability occurs when MFA is enabled but not completed within a 7-day period."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1390",
"description": "CWE-1390: Weak Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-11T13:35:53.721Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1758.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112\u0026amp;mode=3\u0026amp;refSoft=1\u0026amp;versions=66010\"\u003e8.02\u003c/a\u003e"
}
],
"value": "8.02 https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx"
}
],
"source": {
"advisory": "SD1758",
"discovery": "INTERNAL"
},
"title": "FactoryTalk\u00ae DataMosaix\u2122 Private Cloud \u2013 Authentication Bypass",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2025-11084",
"datePublished": "2025-11-11T13:26:05.623Z",
"dateReserved": "2025-09-26T14:49:57.904Z",
"dateUpdated": "2025-11-12T20:03:55.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2014-5410 (GCVE-0-2014-5410)
Vulnerability from cvelistv5
Published
2014-10-03 18:00
Modified
2025-11-04 22:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Rockwell Automation | Allen-Bradley MicroLogix 1400 |
Version: 0 < Version: 0 < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:41:49.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-254-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Allen-Bradley MicroLogix 1400",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "1766-Lxxxxx Series A FRN 7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "1766-Lxxxxx Series B FRN 15.000",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "Series B FRN 15.001 or higher"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthew Luallen of CYBATI"
}
],
"datePublic": "2014-09-30T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line.\u003c/p\u003e"
}
],
"value": "The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line."
}
],
"metrics": [
{
"cvssV2_0": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-04T22:30:19.113Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-254-02"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-254-02.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eRockwell Automation has released a new version of MicroLogix 1400 \nSeries B firmware to address the vulnerability and reduce associated \nrisk to successful exploitation. Subsequent versions of MicroLogix 1400 \nSeries B firmware and newer will incorporate these same enhancements.\u003c/p\u003e\n\u003cp\u003eRockwell Automation recommends the following immediate mitigation \nstrategies (when possible, multiple strategies should be employed \nsimultaneously):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade all MicroLogix 1400 Series B controllers to Series B FRN \n15.001 or higher. Current firmware for the MicroLogix 1400 Series B \nplatform can be obtained at the following web address:\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.rockwellautomation.com/rockwellautomation/support/pcdc.page\"\u003ehttp://www.rockwellautomation.com/rockwellautomation/support/pcdc.page\u003c/a\u003e\u003c/p\u003e\n\n\n\u003cp\u003ePlease refer to Rockwell Automation\u2019s product disclosure (AID 620295) for more information on this topic available at:\u003c/p\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295\"\u003ehttps://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Rockwell Automation has released a new version of MicroLogix 1400 \nSeries B firmware to address the vulnerability and reduce associated \nrisk to successful exploitation. Subsequent versions of MicroLogix 1400 \nSeries B firmware and newer will incorporate these same enhancements.\n\n\nRockwell Automation recommends the following immediate mitigation \nstrategies (when possible, multiple strategies should be employed \nsimultaneously):\n\n\n\n * Upgrade all MicroLogix 1400 Series B controllers to Series B FRN \n15.001 or higher. Current firmware for the MicroLogix 1400 Series B \nplatform can be obtained at the following web address:\n\n\n\n\n http://www.rockwellautomation.com/rockwellautomation/support/pcdc.page \n\n\n\n\nPlease refer to Rockwell Automation\u2019s product disclosure (AID 620295) for more information on this topic available at:\n\n\n https://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295"
}
],
"source": {
"advisory": "ICSA-14-254-02",
"discovery": "EXTERNAL"
},
"title": "Rockwell Automation Micrologix 1400 Improper Input Validation",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUsers with Series A and Series B controllers are also recommended to apply the following risk mitigations:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDo not enable DNP3 communication in the product unless required.\u003c/li\u003e\n\u003cli\u003eWhere appropriate, prohibit DNP3 communication that originates \noutside the perimeter of the manufacturing zone from entry into the zone\n by blocking communication directed at Ethernet communication Port \n20000/TCP* and 20000/UDP* using appropriate security technology (e.g., a\n firewall, UTM devices, or other security appliance)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; *Note: Ports 20000/TCP and 20000/UDP are factory defaults \nas per the DNP3 specification but can be reconfigured by the product \nowner.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEmploy firewalls with ingress/egress filtering, intrusion \ndetection/prevention systems, and validate all configurations. Evaluate \nfirewall configurations to ensure other appropriate inbound and outbound\n traffic is blocked.\u003c/li\u003e\n\u003cli\u003eRestrict physical and electronic access to automation products, \nnetworks, and systems to only those individuals authorized to be in \ncontact with control system equipment.\u003c/li\u003e\u003cli\u003eEmploy layered security, defense-in-depth methods and network \nsegregation and segmentation practices in system design to restrict and \ncontrol access to individual products and control networks. Refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.ab.com/networks/architectures.html%20\"\u003ehttp://www.ab.com/networks/architectures.html\u003c/a\u003e\u0026nbsp;for comprehensive information about implementing validated architectures designed to deliver these measures.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePlease refer to Rockwell Automation\u2019s product disclosure (AID 620295) for more information on this topic available at:\u003c/p\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295\"\u003ehttps://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Users with Series A and Series B controllers are also recommended to apply the following risk mitigations:\n\n\n\n * Do not enable DNP3 communication in the product unless required.\n\n * Where appropriate, prohibit DNP3 communication that originates \noutside the perimeter of the manufacturing zone from entry into the zone\n by blocking communication directed at Ethernet communication Port \n20000/TCP* and 20000/UDP* using appropriate security technology (e.g., a\n firewall, UTM devices, or other security appliance)\n\n\n\n\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 *Note: Ports 20000/TCP and 20000/UDP are factory defaults \nas per the DNP3 specification but can be reconfigured by the product \nowner.\n\n\n\n * Employ firewalls with ingress/egress filtering, intrusion \ndetection/prevention systems, and validate all configurations. Evaluate \nfirewall configurations to ensure other appropriate inbound and outbound\n traffic is blocked.\n\n * Restrict physical and electronic access to automation products, \nnetworks, and systems to only those individuals authorized to be in \ncontact with control system equipment.\n * Employ layered security, defense-in-depth methods and network \nsegregation and segmentation practices in system design to restrict and \ncontrol access to individual products and control networks. Refer to http://www.ab.com/networks/architectures.html http://www.ab.com/networks/architectures.html%20 \u00a0for comprehensive information about implementing validated architectures designed to deliver these measures.\n\n\n\n\nPlease refer to Rockwell Automation\u2019s product disclosure (AID 620295) for more information on this topic available at:\n\n\n https://rockwellautomation.custhelp.com/app/answers/detail/a_id/620295"
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-5410",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause a denial of service (process disruption) via malformed packets over (1) an Ethernet network or (2) a serial line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-254-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-254-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2014-5410",
"datePublished": "2014-10-03T18:00:00",
"dateReserved": "2014-08-22T00:00:00",
"dateUpdated": "2025-11-04T22:30:19.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}