CVE-2025-9166

Summary

A denial-of-service security issue exists in the affected product and version. The security issue stems from the controller repeatedly attempting to forward messages. The issue could result in a major nonrecoverable fault on the controller.

Affected Software

VendorProductVersion RangeStatus
Rockwell AutomationControlLogix® 5580Version 35.013affected

Weaknesses

  • CWE-476: CWE-476: NULL Pointer Dereference

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References