CVE-2025-13823
Unknown Unknown - Not Provided
IPv6 Malformed Packet Fault Vulnerability in Micro850/870 Controllers

Publication date: 2025-12-15

Last updated on: 2025-12-15

Assigner: Rockwell Automation

Description
A security issue was found in the IPv6 stack in the Micro850 and Micro870 controllers when the controllers received multiple malformed packets during fuzzing. The controllers will go into recoverable fault with fault code 0xFE60. To recover the controller, clear the fault.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-15
Last Modified
2025-12-15
Generated
2026-06-16
AI Q&A
2025-12-15
EPSS Evaluated
2026-06-14
NVD
CVE-2025-13823
EUVD
EUVD-2025-203386
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
rockwell_automation micro820 *
rockwell_automation micro850 *
rockwell_automation micro870 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability (CVE-2025-13823) exists in the IPv6 stack of the Micro850 and Micro870 controllers. When these controllers receive multiple malformed IPv6 packets during fuzzing, they enter a recoverable fault state with fault code 0xFE60. The fault can be cleared to recover the controller. It is caused by a dependency on a vulnerable third-party component and has a CVSS 4.0 base score of 7.1, indicating a high severity. [1]

Impact Analysis

If exploited, this vulnerability can cause the affected Micro850 and Micro870 controllers to enter a recoverable fault state, temporarily disrupting their operation. This could lead to downtime or interruption in the control processes managed by these PLCs until the fault is cleared. Disabling IPv6 functionality if not required or updating to the fixed firmware version V23.012 can mitigate this impact. [1]

Detection Guidance

This vulnerability can be detected by monitoring the Micro850 and Micro870 controllers for the recoverable fault state with fault code 0xFE60, which occurs when the controllers receive multiple malformed IPv6 packets. Detection involves checking the controller's fault status and logs for this specific fault code. Additionally, network monitoring tools can be used to identify malformed IPv6 packets targeting these controllers. Specific commands are not provided in the resources, but checking the controller's fault codes and network traffic for malformed IPv6 packets is recommended. [1]

Mitigation Strategies

Immediate mitigation steps include updating the firmware of affected Micro850 and Micro870 controllers to version V23.012 or later, where the vulnerability is fixed. If firmware upgrade is not immediately possible, disabling IPv6 functionality on the controllers is recommended if IPv6 is not required. Additionally, clearing the fault condition (fault code 0xFE60) will recover the controller from the fault state. Following Rockwell Automation’s security best practices is also advised. [1]

Compliance Impact

The provided resources and context do not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-13823. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart