CVE-2025-11743

Summary

A denial-of-service security issue in the affected product. The security issue occurs when a malformed CIP forward open message is sent. This could result in a major nonrecoverable fault a restart is required to recover.

Affected Software

VendorProductVersion RangeStatus
Rockwell AutomationCompactLogix® 5370Version 34.013 and prior, Version 35.012 and prior, Version 36.011affected

Weaknesses

  • CWE-1284: CWE-1284 Improper Validation of Specified Quantity in Input

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References