| CVE ID | CVSS Score | Severity | Description |
|---|---|---|---|
| CVE-2025-12011 | 8.6 | high |
A denial-of-service issue exists in 5370/5570 controllers. This vulnerability could potentially allow a remote user to load an invalid project, causing the device to enter a major non-recoverable fault (MNRF).
|
| CVE-2025-12012 | 8.6 | high |
A denial-of-service issue exists in 5380/5480/5580 controllers. This vulnerability could potentially allow a malicious user to write invalid file data to the controller, causing the device to enter a major nonrecoverable fault (MNRF).
|
| CVE-2025-11698 | 8.6 | high |
A denial-of-service issue exists in 5380/5480/5580 controllers boot firmware lower than version 1.072. This vulnerability could potentially allow a malicious user to write invalid file data to the controller, causing the device to enter a major non-recoverable fault (MNRF).
|
| Vendor | Product | Asset Type | Purdue Level | Firmware |
|---|---|---|---|---|
| Rockwell Automation | Unknown | plc |
L1
|
35.013 |
| Rockwell Automation | Unknown | plc |
L1
|
v.32.011 |
| Rockwell Automation | Unknown | plc |
L1
|
-- |
| Rockwell Automation | Unknown | plc |
L1
|
-- |
| Rockwell Automation | Unknown | plc |
L1
|
-- |
| Rockwell Automation | Unknown | plc |
L1
|
Firmware__20.011 |
| Rockwell Automation | Unknown | plc |
L1
|
20-33 |
| Rockwell Automation | Unknown | plc |
L1
|
v.32.011 |