CVE-2025-7353 Rockwell Automation ControlLogix® Ethernet Remote Code Execution Vulnerability

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow...

CVE-2025-7353

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow...

CVE-2025-7353 Rockwell Automation ControlLogix® Ethernet Remote Code Execution Vulnerability

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow...

CVE-2025-7353

CVE-2025-7353 affects Rockwell Automation ControlLogix Ethernet Modules via the web-based debugger agent (WDB). The connected PT-2025-33275 entry specifies affected software versions pre-12.001 and explains that connecting to the WDB agent from a specific IP can enable remote attackers to perform...

Rockwell Automation ControlLogix Ethernet Modules

RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to perform memory dumps, modify memory, and control execution flow. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such...

Rockwell Automation ControlLogix Series 安全漏洞

Rockwell Automation ControlLogix Series is a family of programmable controllers from Rockwell Automation, USA. A security vulnerability exists in Rockwell Automation ControlLogix Series, which stems from a web-based debugger agent that could allow a remote attacker to perform memory dumps and...

PT-2025-33275

Name of the Vulnerable Software and Affected Versions: Rockwell Automation ControlLogix Ethernet Modules versions prior to 12.001 Description: A security issue exists in Rockwell Automation ControlLogix Ethernet Modules due to the web-based debugger agent. Connecting to the WDB agent using a...

CVE-2024-6098

When performing an online tag generation to devices which communicate using the ControlLogix protocol, a machine-in-the-middle, or a device that is not configured correctly, could deliver a response leading to unrestricted or unregulated resource allocation. This could cause a denial-of-service...

CVE-2020-6998

The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP packet requests to ...

Rockwell Automation Logix Controllers Uncontrolled Resource Consumption (CVE-2024-8626)

Due to a memory leak, a denial-of-service vulnerability exists in the affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain webpages of the product causing the affected products to become fully unavailable and require a power cycle to...

Rockwell Automation多款产品 安全漏洞

Rockwell Automation ControlLogix and others are products of Rockwell Automation, Inc.Rockwell Automation ControlLogix is a controller.Rockwell Automation GuardLogix Rockwell Automation GuardLogix is a series of controllers.Rockwell Automation CompactLogix is a series of controllers. A security...

Rockwell Automation ControlLogix

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send a...

Rockwell Automation Logix Controllers

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : Compact GuardLogix, CompactLogix, ControlLogix, GuardLogix, 1756-EN4TR Vulnerability : Uncontrolled Resource Consumption 2. RISK EVALUATION Successful...

The vulnerability of the microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, and GuardLogix programmable logic controllers allows a intruder to trigger a service failure.

The vulnerability of the microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, and GuardLogix controllers is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to cause malfunctions in the system from a remote location...

The vulnerability of the microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, GuardLogix, and Communication Module 1756-EN4 systems allows a intruder to trigger a service failure.

The vulnerability of the microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, GuardLogix, and Communication Module 1756-EN4 is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to cause malfunctions in the system remotely...

The vulnerability of the microprogramming software for Rockwell Automation’s ControlLogix 5580 and GuardLogix 5580 allows a intruder to trigger a malfunction during maintenance.

The vulnerability of the microprogrammed software in Rockwell Automation’s ControlLogix 5580 and GuardLogix 5580 systems is related to insufficient checking of exceptional states. Exploiting this vulnerability can allow a malicious actor to cause malfunctions during maintenance operations...

CVE-2024-6077 Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Vulnerable to DoS vulnerability via CIP

A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover...

CVE-2024-6077 Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Vulnerable to DoS vulnerability via CIP

A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover...

Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix 5380

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix 5380, CompactLogix 5480, 1756-EN4 Vulnerability : Improper Input Validation 2. RISK...

PT-2024-6546 · Rockwell Automation · Controllogix/Guardlogix 5580 +1

Name of the Vulnerable Software and Affected Versions: Rockwell Automation ControlLogix/GuardLogix 5580 versions prior to the fixed version Rockwell Automation CompactLogix/Compact GuardLogix 5380 versions prior to the fixed version Description: A denial-of-service issue exists in Rockwell...