CVE-2025-24481

HIGH

Product Version - Unauthenticated Access

Title source: llm

Description

An Incorrect Permission Assignment Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect permissions being assigned to the remote debugger port and can allow for unauthenticated access to the system configuration.

References (1)

Core 1

Core References

Various Sources

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1720.html

Scores

CVSS v4 7.0

EPSS 0.0015

EPSS Percentile 4.8%

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-732

Status published

Products (1)

Rockwell Automation/FactoryTalk® View Site Edition <V15

Published Jan 28, 2025

Tracked Since Feb 18, 2026