CVE-2025-7350
BaseFortify
Publication date: 2025-09-09
Last updated on: 2025-09-09
Assigner: Rockwell Automation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rockwell_automation | stratix | 1783-ims |
| rockwell_automation | stratix | 1783-zms |
| rockwell_automation | stratix | 1783-bms |
| rockwell_automation | stratix | 1783-hms |
| rockwell_automation | stratix | 1783-ms06t |
| rockwell_automation | stratix | 1783-ms10t |
| rockwell_automation | stratix_ios | 15.2(8)e5 |
| rockwell_automation | stratix_ios | 15.2(8)e6 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7350 is a high-severity security flaw affecting Rockwell Automation's Stratix industrial Ethernet switches and multiple Cisco devices. It involves a Cross-Site Request Forgery (CSRF) vulnerability that allows an attacker to upload and execute malicious configurations remotely without authentication, leading to remote code execution. This is essentially an injection flaw classified under CWE-74. [1]
How can this vulnerability impact me? :
This vulnerability can allow attackers to remotely execute arbitrary code on affected devices by uploading and running malicious configurations without needing to authenticate. This can lead to unauthorized control over the devices, potentially disrupting network operations, compromising data integrity, and enabling further attacks within the network. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
There are no specific detection commands or methods provided in the available resources. Detection would likely involve identifying affected Stratix devices running vulnerable software versions (15.2(8)E5 and earlier). Monitoring for unauthorized configuration uploads or unusual device behavior might help, but no explicit commands or detection techniques are given. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade affected Stratix devices to the corrected software version 15.2(8)E6 released by Rockwell Automation. No workarounds are available, so upgrading is the primary recommended action. If upgrading is not immediately possible, follow Rockwell Automation’s security best practices as outlined in their advisory. [1]