CVE-2025-13823 HIGH

CVE-2025-13823: Micro820®, Micro850®, Micro870® – Specialized Fuzzing Vulnerabilities

Vendor Rockwell Automation
Product Micro820®, Micro850®, Micro870®
Weakness CWE-1395
Published December 15, 2025
Last update December 15, 2025

CVSS base score

7.1/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A security issue was found in the IPv6 stack in the Micro850 and Micro870 controllers when the controllers received multiple malformed packets during fuzzing. The controllers will go into recoverable fault with fault code 0xFE60. To recover the controller, clear the fault.

Key dates

02Disclosure timeline

December 15, 2025 CVE published
December 15, 2025 Record updated