CISA Releases Fourteen Industrial Control Systems Advisories

CISA released fourteen Industrial Control Systems ICS advisories on September 9, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-252-01 Rockwell Automation ThinManager ICSA-25-252-02 ABB Cylon Aspect BMS/BAS...

CVE-2025-7353

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow...

The vulnerability of the CIP Message Handler component in Rockwell Automation’s programmable logic controllers ControlLogix 5580, CompactLogix 5380, Compact GuardLogix 5380 SIL 2, Compact GuardLogix 5380 SIL 3, CompactLogix 5480, FactoryTalk Logix Echo allows a intruder to trigger a service failure.

The vulnerability of the CIP Message Handler component in Rockwell Automation’s programmable logic controllers ControlLogix 5580, CompactLogix 5380, Compact GuardLogix 5380 SIL 2, Compact GuardLogix 5380 SIL 3, CompactLogix 5480, and FactoryTalk Logix Echo is related to errors in processing input...

The vulnerability of the microprogrammed software in the ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix 5380 systems, related to errors in processing input data, allows a intruder to trigger a service failure.

The vulnerability of the microprogrammed software in programmable logic controllers such as ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix 5380 is related to errors in processing input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a...

PT-2024-6589 · Rockwell Automation · Controllogix 5580 +1

Name of the Vulnerable Software and Affected Versions: Rockwell Automation ControlLogix 5580 versions affected versions not specified Rockwell Automation GuardLogix 5580 versions affected versions not specified Description: A denial-of-service issue exists due to insufficient exception handling i...

The vulnerability of the microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, GuardLogix, and communication model 1756-EN4 controllers, related to the implementation of incorrect control flows, allows a hacker to trigger a service failure.

The vulnerability of microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, GuardLogix, and communication models 1756-EN4 is related to the implementation of an incorrect control flow. Exploiting this vulnerability can allow a malicious actor to trigger service failures...

The vulnerability of Rockwell Automation’s programmable logic controllers ControlLogix, related to the execution of operations outside the buffer boundaries in memory, allows a hacker to trigger a malfunction during maintenance.

The vulnerability of Rockwell Automation’s programmable logic controllers ControlLogix lies in the fact that the output data may escape from memory into the operating system. Exploiting this vulnerability could allow a malicious actor to cause malfunctions during operation...

CVE-2024-21916

A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault MNRF. The device will restart itself to recover from the MNRF...

Rockwell Automation ControlLogix 缓冲区错误漏洞

Rockwell Automation ControlLogix and GuardLogix are both Rockwell Automation controllers. A denial of service vulnerability exists in Rockwell Automation ControlLogix and GuardLogix, which can be exploited by an attacker to cause a denial of service condition by sending a specially crafted reques...

The vulnerability of the microprogramming software for Rockwell Automation communication modules 1756-EN2T, 1756-EN2TK, 1756-EN2TXT, 1756-EN2TP, 1756-EN2TPK, 1756-EN2TPXT, 1756-EN2TR, 1756-EN2TRK, 1756-EN2TRXT, 1756-EN2F, 1756-EN2FK, 1756-EN3TR, 1756-EN3TRK, 1756-EN4TR, 1756-EN4TRK, and 1756-EN4TRXT controllers from the Allen-Bradley ControlLogix series allows a intruder to cause a service failure.

The vulnerability of the microprogrammed software in the communication modules of Rockwell Automation’s controllers models 1756-EN2T, 1756-EN2TK, 1756-EN2TXT, 1756-EN2TP, 1756-EN2TPK, 1756-EN2TPXT, 1756-EN2TR, 1756-EN2TRK, 1756-EN2TRXT, 1756-EN2F, 1756-EN2FK, 1756-EN3TR, 1756-EN3TRK, 1756-EN4TR,...

The vulnerability of microprogrammed software in programmable logic controllers such as ControlLogix 5580, GuardLogix 5580, CompactLogix 5380, CompactLogix 5480, and Compact GuardLogix 5380 lies in improper code generation. This allows attackers to implant code into the controller that the user will be unable to detect.

The vulnerability of microprogrammed software in programmable logic controllers such as ControlLogix 5580, GuardLogix 5580, CompactLogix 5380, CompactLogix 5480, and Compact GuardLogix 5380 lies in improper code generation. Exploiting this vulnerability allows an intruder to implant code into the...

CVE-2021-22681

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730,...

CVE-2018-17924

Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller...