CVE-2025-7773

Summary

A security issue exists within the 5032 16pt Digital Configurable module’s web server. The web server’s session number increments at an interval that correlates to the last two consecutive sign in session interval, making it predictable.

Affected Software

VendorProductVersion RangeStatus
Rockwell Automation5032-CFGB16M12P5DR1.011affected
Rockwell Automation5032-CFGB16M12DR1.011affected
Rockwell Automation5032-CFGB16M12M12LDR1.011affected

Weaknesses

  • CWE-863: CWE-863: Incorrect Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References