CVE-2025-7693 CRITICAL

CVE-2025-7693: Rockwell Automation Micro800 Vulnerability

Vendor Rockwell Automation

Product PLC - Micro850 L50E

Weakness CWE-20 · Input validation

Published August 18, 2025

Last update August 18, 2025

View on NVD All CVEs

CVSS base score

9.3/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A security issue exists due to improper handling of malformed CIP Forward Close packets during fuzzing. The controller enters a solid red Fault LED state and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and reports fault code 0xF015. To recover, clear the fault.

Key dates

02Disclosure timeline

August 18, 2025 CVE published

August 18, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-7693

Related vulnerabilities

Identifiers

CVE CVE-2025-7693

CWE CWE-20

CVSS 9.3 / CRITICAL

Affected versions