CVE-2025-9166
BaseFortify
Publication date: 2025-09-09
Last updated on: 2025-10-20
Assigner: Rockwell Automation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rockwellautomation | controllogix_5580_firmware | 35.013 |
| rockwellautomation | controllogix_5580 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a denial-of-service (DoS) issue in Rockwell Automation's ControlLogix 5580 controller software version 35.013. It occurs because the controller repeatedly attempts to forward messages, which can cause a major nonrecoverable fault (MNRF) that stops the controller from functioning properly. The issue is classified as a NULL Pointer Dereference (CWE-476). [1]
How can this vulnerability impact me? :
The vulnerability can cause the affected controller to experience a major nonrecoverable fault, leading to a denial of service where the controller cannot recover or operate correctly. This can disrupt operations that depend on the controller, potentially causing downtime or loss of control in automated systems. [1]
What immediate steps should I take to mitigate this vulnerability?
The vulnerability has been corrected in Rockwell Automation ControlLogix 5580 controller software version 35.014 and later. Immediate mitigation is to upgrade the controller software to version 35.014 or newer. There is no workaround available. For customers unable to upgrade immediately, it is advised to follow Rockwell Automationβs security best practices. [1]