ICSA-25-226-25
·
Published 2025-08-14
·
View on CISA ICS-CERT ↗
Rockwell Automation Micro800
CVSS 9.8
CRITICAL
Risk Summary
Successful exploitation of these vulnerabilities could result in remote code execution or may lead to privilege escalation.
Remediations
- Rockwell Automation recommends the following updates:
- PLC Micro820 LC20: Migrate to Micro820 L20E V23.011 and later (this has yet to be released, target to release in Sept 2025)
- PLC Micro850 LC50: Migrate to Micro850 L50E V23.011 and later
- PLC Micro870 LC70: Migrate to Micro870 L70E V23.011 and later
- PLC Micro850 L50E: V23.011 and later
- PLC Micro870 L70E: V23.011 and later
- Rockwell Automation also recommends users follow their published Security Best Practices.
Affected Vendors
Rockwell Automation
Affected Products (5)
Rockwell Automation
·
PLC Micro820 LC20
<V14.011
Rockwell Automation
·
PLC Micro850 LC50
<V12.013
Rockwell Automation
·
PLC Micro870 LC70
<V12.013
Rockwell Automation
·
PLC Micro850 L50E
>=V20.011|<=V22.011
Rockwell Automation
·
PLC Micro870 L70E
>=V20.011|<=V22.011
Affected Sectors
Chemical, Critical Manufacturing, Energy, Food and Agriculture, Transportation Systems, Water and Wastewater
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more