CVE-2025-9278
BaseFortify
Publication date: 2026-01-20
Last updated on: 2026-02-02
Assigner: Rockwell Automation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rockwellautomation | armorstart_lt_firmware | to 2.002 (inc) |
| rockwellautomation | armorstart_lt | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in ArmorStart® LT and can cause a denial-of-service condition. Specifically, after running a Burp Suite active scan, the device loses ICMP connectivity, which results in the web application becoming inaccessible.
How can this vulnerability impact me? :
The impact of this vulnerability is a denial-of-service condition where the device loses ICMP connectivity and the web application becomes inaccessible, potentially disrupting normal operations and availability of services.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by performing an active scan using Burp Suite against the ArmorStart® LT device and observing if the device loses ICMP connectivity and the web application becomes inaccessible. Monitoring ICMP connectivity (e.g., using ping commands) before and after the scan can help detect the issue.