ICSA-26-020-03
·
Published 2026-01-20
·
View on CISA ICS-CERT ↗
Rockwell Automation Verve Asset Manager
CVSS 7.9
HIGH
Risk Summary
Successful exploitation of these vulnerabilities may allow an attacker to access sensitive information stored in variables within the ADI server.
CVEs (2)
Remediations
- Rockwell Automation reports that the issue was resolved in version 1.42, and the component has been optional since version 1.36. Rockwell Automation recommends updating to the latest available version.
- For additional details, refer to the advisory on the Rockwell Automation security page.
- For further assistance, contact Rockwell Automation TechConnect for help.
Affected Vendors
Rockwell Automation
Affected Products (12)
Rockwell Automation
·
Verve Asset Manager
1.33
Rockwell Automation
·
Verve Asset Manager
1.34
Rockwell Automation
·
Verve Asset Manager
1.35
Rockwell Automation
·
Verve Asset Manager
1.36
Rockwell Automation
·
Verve Asset Manager
1.37
Rockwell Automation
·
Verve Asset Manager
1.38
Rockwell Automation
·
Verve Asset Manager
1.39
Rockwell Automation
·
Verve Asset Manager
1.40
Rockwell Automation
·
Verve Asset Manager
1.41
Rockwell Automation
·
Verve Asset Manager
1.41.1
Rockwell Automation
·
Verve Asset Manager
1.41.2
Rockwell Automation
·
Verve Asset Manager
1.41.3
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more