IM
IronMonkey Threat Research
‹ Back to ICS Advisories

Rockwell Automation CompactLogix, ControlLogix, Compact GuardLogix and GuardLogix

HIGH
CVSS 8.6
Date 2026-07-16T06:00:00+00:00
Source cisa-csaf
Published by CISA

// Description

Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition.

// Vulnerabilities (3)

CVE ID CVSS Score Severity Description
CVE-2025-12011 8.6 high
A denial-of-service issue exists in 5370/5570 controllers. This vulnerability could potentially allow a remote user to load an invalid project, causing the device to enter a major non-recoverable fault (MNRF).
CVE-2025-12012 8.6 high
A denial-of-service issue exists in 5380/5480/5580 controllers. This vulnerability could potentially allow a malicious user to write invalid file data to the controller, causing the device to enter a major nonrecoverable fault (MNRF).
CVE-2025-11698 8.6 high
A denial-of-service issue exists in 5380/5480/5580 controllers boot firmware lower than version 1.072. This vulnerability could potentially allow a malicious user to write invalid file data to the controller, causing the device to enter a major non-recoverable fault (MNRF).

// Affected Products (8)

Vendor Product Asset Type Purdue Level Firmware
Rockwell Automation Unknown plc
L1
35.013
Rockwell Automation Unknown plc
L1
v.32.011
Rockwell Automation Unknown plc
L1
--
Rockwell Automation Unknown plc
L1
--
Rockwell Automation Unknown plc
L1
--
Rockwell Automation Unknown plc
L1
Firmware__20.011
Rockwell Automation Unknown plc
L1
20-33
Rockwell Automation Unknown plc
L1
v.32.011

// Remediations (14)

Patch: GuardLogix 5580 Recovery Image: Update to boot firmware 1.072 or greater. If using V36.013, V37.011
GuardLogix 5580 Recovery Image: Update to boot firmware 1.072 or greater. If using V36.013, V37.011 or later, already has corrected boot firmware is installed
Patch: Compact GuardLogix 5370: Update to V35.016, V36.011 and later
Compact GuardLogix 5370: Update to V35.016, V36.011 and later
Patch: ControlLogix 5580 Recovery Image: Update to boot firmware 1.072 or greater. If using V36.013, V37.01
ControlLogix 5580 Recovery Image: Update to boot firmware 1.072 or greater. If using V36.013, V37.011 or later, already has corrected boot firmware is installed
Patch: GuardLogix 5570: Update to V35.016, V36.011 and later
GuardLogix 5570: Update to V35.016, V36.011 and later
Patch: ControlLogix 5580: Update to V34.014, V35.013, V36.011 and later
ControlLogix 5580: Update to V34.014, V35.013, V36.011 and later
Patch: CompactLogix 5380 Recovery Image: Update to boot firmware 1.072 or greater. If using V36.013, V37.01
CompactLogix 5380 Recovery Image: Update to boot firmware 1.072 or greater. If using V36.013, V37.011 or later, already has corrected boot firmware is installed
Patch: CompactLogix 5480: Update to V34.014, V35.013, V36.011 and later
CompactLogix 5480: Update to V34.014, V35.013, V36.011 and later
Patch: CompactLogix 5380: Update to V34.014, V35.013, V36.011 and later
CompactLogix 5380: Update to V34.014, V35.013, V36.011 and later
Patch: Compact GuardLogix 5380 Recovery Image: Update to boot firmware 1.072 or greater. If using V36.013,
Compact GuardLogix 5380 Recovery Image: Update to boot firmware 1.072 or greater. If using V36.013, V37.011 or later, already has corrected boot firmware is installed
Patch: Compact GuardLogix 5380: Update to V34.014, V35.013, V36.011 and later
Compact GuardLogix 5380: Update to V34.014, V35.013, V36.011 and later
Patch: GuardLogix 5580: Update to V34.014, V35.013, V36.011 and later
GuardLogix 5580: Update to V34.014, V35.013, V36.011 and later
Patch: CompactLogix 5480 Recovery Image: Update to boot firmware 1.072 or greater. If using V36.013, V37.01
CompactLogix 5480 Recovery Image: Update to boot firmware 1.072 or greater. If using V36.013, V37.011 or later, already has corrected boot firmware is installed
Patch: ControlLogix 5570: Update to V35.016, V36.011 and later
ControlLogix 5570: Update to V35.016, V36.011 and later
Patch: Rockwell Automation recommend updating to the following: CompactLogix 5370: Update to V35.016, V36.0
Rockwell Automation recommend updating to the following: CompactLogix 5370: Update to V35.016, V36.011 and later

// References