ICSA-25-352-07
·
Published 2025-12-18
·
View on CISA ICS-CERT ↗
Rockwell Automation Micro820, Micro850, Micro870
CVSS 7.5
HIGH
Risk Summary
Successful exploitation of these vulnerabilities could result in a denial-of-service condition.
CVEs (2)
Remediations
- Rockwell Automation recommends users of Micro820 V14.011 and prior update to newer Micro820 controllers (L20E V23.011 or later).
- Rockwell Automation recommends users of Micro850/870 update to V12.013 or later. The update can be downloaded from the Rockwell Automation website.
- For CVE-2025-13823, Rockwell Automation advises users to disable IPv6 functionalities if they do not require the feature.
- Rockwell Automation users using the affected software, who are not able to upgrade to one of the corrected versions, should follow Rockwell Automation's security best practices.
- For more information, please review Rockwell Automation's advisory.
Affected Vendors
Rockwell Automation
Affected Products (1)
Rockwell Automation
·
Micro820
<=V14.011
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more