ICSA-25-084-02
·
Published 2025-03-25
·
View on CISA ICS-CERT ↗
Rockwell Automation Verve Asset Manager
CVSS 9.1
CRITICAL
Risk Summary
Successful exploitation of this vulnerability could allow an attacker with administrative access to run arbitrary commands in the context of the container running the service.
CVEs (1)
Remediations
- Rockwell Automation has corrected the issue in software Version 1.40. Users of the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.
- For more information refer to Rockwell Automation's security advisory.
Affected Vendors
Rockwell Automation
Affected Products (1)
Rockwell Automation
·
Verve Asset Manager
<=1.39
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more