CVE-2025-7693

CRITICAL

Rockwell Automation PLC - Micro850 L50E V20.011-V22.011 - Denial of Service via Malformed CIP Forward Close Packet

Title source: llm

Description

A security issue exists due to improper handling of malformed CIP Forward Close packets during fuzzing. The controller enters a solid red Fault LED state and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and reports fault code 0xF015. To recover, clear the fault.

References (1)

Core 1

Core References

Various Sources

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1736.html

Scores

CVSS v4 9.3

EPSS 0.0034

EPSS Percentile 26.1%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-20

Status published

Products (1)

Rockwell Automation/PLC - Micro850 L50E V20.011 - V22.011

Published Aug 18, 2025

Tracked Since Feb 18, 2026