Description
A denial-of-service security issue in the affected product. The security issue stems from a fault occurring when a crafted CIP unconnected explicit message is sent. This can result in a major non-recoverable fault.
Scores
CVSS v4
8.7
EPSS
0.0003
EPSS Percentile
6.9%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-248
Status
published
Products (1)
Rockwell Automation/Compact GuardLogix® 5370
Version 30.012 and prior
Published
Oct 14, 2025
Tracked Since
Feb 18, 2026