ICSA-25-252-03
·
Published 2025-09-09
·
View on CISA ICS-CERT ↗
Rockwell Automation Stratix IOS
CVSS 9.6
CRITICAL
Risk Summary
Successful exploitation of this vulnerability could allow an attacker to run malicious configurations without authentication.
CVEs (1)
Remediations
- Rockwell Automation has provided an update that mitigates this vulnerability. Users are recommended to update to version 15.2(8)E6 or later.
- If users are not able to upgrade to the corrected version, Rockwell Automation recommends referring to their security best practices.
Affected Vendors
Rockwell Automation
Affected Products (1)
Rockwell Automation
·
Stratix IOS
<=15.28E5
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more