CVE-2025-8008
BaseFortify
Publication date: 2025-09-09
Last updated on: 2025-09-17
Assigner: Rockwell Automation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rockwellautomation | 1756-en2tr_series_a_firmware | to 7.001 (exc) |
| rockwellautomation | 1756-en2tr_series_a | * |
| rockwellautomation | 1756-en2tr_series_b_firmware | to 7.001 (exc) |
| rockwellautomation | 1756-en2tr_series_b | * |
| rockwellautomation | 1756-en2tr_series_c_firmware | to 7.001 (exc) |
| rockwellautomation | 1756-en2tr_series_c | * |
| rockwellautomation | 1756-en4tr_firmware | to 7.001 (exc) |
| rockwellautomation | 1756-en4tr | * |
| rockwellautomation | 1756-en4trxt_firmware | to 7.001 (exc) |
| rockwellautomation | 1756-en4trxt | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-755 | The product does not handle or incorrectly handles an exceptional condition. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects the protected mode of EN4TR devices, where sending specially crafted messages during a Forward Close operation can cause the device to crash. It is caused by improper handling of exceptional conditions, leading to a major fault that results in loss of device availability. [1]
How can this vulnerability impact me? :
The vulnerability can cause the affected EN4TR devices to crash unexpectedly during a Forward Close operation, resulting in a major non-recoverable fault. This leads to loss of device availability, which can disrupt industrial control systems and potentially halt critical operations. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to upgrade the affected devices (1756-ENT2R, 1756-EN4TR, 1756-EN4TRXT) to software version 7.001 or later. If upgrading immediately is not possible, users should follow Rockwell Automation's security best practices to reduce risk. [1]