CVE-2025-7353

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow.

CVSS

No CVSS.

References

Link	Resource
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1732.html

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Existe un problema de seguridad debido al agente de depuración web habilitado en los módulos Ethernet ControlLogix® de Rockwell Automation. Si se utiliza una dirección IP específica para conectarse al agente WDB, puede permitir que atacantes remotos realicen volcados de memoria, modifiquen la memoria y controlen el flujo de ejecución.

14 Aug 2025, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-14 14:15

Updated : 2026-04-15 00:35

NVD link : CVE-2025-7353

Mitre link : CVE-2025-7353

CVE.ORG link : CVE-2025-7353

JSON object : View

Products Affected

No product.

CWE

CWE-1188

Insecure Default Initialization of Resource

{"id": "CVE-2025-7353", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "PSIRT@rockwellautomation.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-08-14T14:15:35.137", "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1732.html", "source": "PSIRT@rockwellautomation.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "PSIRT@rockwellautomation.com", "description": [{"lang": "en", "value": "CWE-1188"}]}], "descriptions": [{"lang": "en", "value": "A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix\u00ae Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow."}, {"lang": "es", "value": "Existe un problema de seguridad debido al agente de depuraci\u00f3n web habilitado en los m\u00f3dulos Ethernet ControlLogix\u00ae de Rockwell Automation. Si se utiliza una direcci\u00f3n IP espec\u00edfica para conectarse al agente WDB, puede permitir que atacantes remotos realicen volcados de memoria, modifiquen la memoria y controlen el flujo de ejecuci\u00f3n."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "PSIRT@rockwellautomation.com"}