Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-7774

Summary
Assigner-Rockwell
Assigner Org ID-b73dd486-f505-4403-b634-40b078b177f0
Published At-14 Aug, 2025 | 13:39
Updated At-14 Aug, 2025 | 14:01
Rejected At-
Credits

Rockwell Automation ArmorBlock 5000 I/O – Web Server Vulnerabilities

A security issue exists within the 5032 16pt Digital Configurable module’s web server. Intercepted session credentials can be used within a 3-minute timeout window, allowing unauthorized users to perform privileged actions.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Rockwell
Assigner Org ID:b73dd486-f505-4403-b634-40b078b177f0
Published At:14 Aug, 2025 | 13:39
Updated At:14 Aug, 2025 | 14:01
Rejected At:
▼CVE Numbering Authority (CNA)
Rockwell Automation ArmorBlock 5000 I/O – Web Server Vulnerabilities

A security issue exists within the 5032 16pt Digital Configurable module’s web server. Intercepted session credentials can be used within a 3-minute timeout window, allowing unauthorized users to perform privileged actions.

Affected Products
Vendor
Rockwell Automation, Inc.Rockwell Automation
Product
5032-CFGB16M12P5DR
Default Status
unaffected
Versions
Affected
  • 1.011
Vendor
Rockwell Automation, Inc.Rockwell Automation
Product
5032-CFGB16M12DR
Default Status
unaffected
Versions
Affected
  • 1.011
Vendor
Rockwell Automation, Inc.Rockwell Automation
Product
5032-CFGB16M12M12LDR
Default Status
unaffected
Versions
Affected
  • 1.011
Problem Types
TypeCWE IDDescription
CWECWE-306CWE-306: Missing Authentication for Critical Function
Type: CWE
CWE ID: CWE-306
Description: CWE-306: Missing Authentication for Critical Function
Metrics
VersionBase scoreBase severityVector
4.08.8HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

1.012 or later

Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1733.html
N/A
Hyperlink: https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1733.html
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:PSIRT@rockwellautomation.com
Published At:14 Aug, 2025 | 14:15
Updated At:15 Aug, 2025 | 13:13

A security issue exists within the 5032 16pt Digital Configurable module’s web server. Intercepted session credentials can be used within a 3-minute timeout window, allowing unauthorized users to perform privileged actions.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.8HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 4.0
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-306SecondaryPSIRT@rockwellautomation.com
CWE ID: CWE-306
Type: Secondary
Source: PSIRT@rockwellautomation.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1733.htmlPSIRT@rockwellautomation.com
N/A
Hyperlink: https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1733.html
Source: PSIRT@rockwellautomation.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

5Records found
CVE-2025-7773
Matching Score-8
Assigner-Rockwell Automation
ShareView Details
Matching Score-8
Assigner-Rockwell Automation
CVSS Score-8.8||HIGH
EPSS-0.05% / 16.55%
||
7 Day CHG+0.01%
Published-14 Aug, 2025 | 13:52
Updated-15 Aug, 2025 | 13:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation ArmorBlock 5000 I/O – Web Server Vulnerabilities

A security issue exists within the 5032 16pt Digital Configurable module’s web server. The web server’s session number increments at an interval that correlates to the last two consecutive sign in session interval, making it predictable.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-5032-CFGB16M12P5DR5032-CFGB16M12DR5032-CFGB16M12M12LDR
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-12371
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-9.3||CRITICAL
EPSS-0.10% / 29.13%
||
7 Day CHG+0.01%
Published-18 Dec, 2024 | 15:23
Updated-18 Dec, 2024 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation PowerMonitor™ 1000 Remote Code Execution

A device takeover vulnerability exists in the Rockwell Automation Power Monitor 1000. This vulnerability allows configuration of a new Policyholder user without any authentication via API. Policyholder user is the most privileged user that can perform edit operations, creating admin users and performing factory reset.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-PM1k 1408-EM2A-485PM1k 1408-EM3A-ENTPM1k 1408-EM2A-ENTPM1k 1408-BC3A-ENTPM1k 1408-TS3A-485PM1k 1408-EM1A-ENTPM1k 1408-BC3A-485PM1k 1408-TR2A-ENTPM1k 1408-TR2A-485PM1k 1408-TR1A-ENTPM1k 1408-TS3A-ENTPM1k 1408-EM3A-485PM1k 1408-EM1A-485PM1k 1408-TR1A-485
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2024-10386
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-9.3||CRITICAL
EPSS-0.08% / 23.56%
||
7 Day CHG+0.01%
Published-25 Oct, 2024 | 17:04
Updated-05 Nov, 2024 | 20:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation FactoryTalk ThinManager Authentication Vulnerability

CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in database manipulation.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-thinmanagerFactoryTalk ThinManagerthinmanager
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-12028
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.3||HIGH
EPSS-30.94% / 96.57%
||
7 Day CHG~0.00%
Published-20 Jul, 2020 | 15:17
Updated-16 Sep, 2024 | 23:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation FactoryTalk View SE

In all versions of FactoryTalk View SEA remote, an authenticated attacker may be able to utilize certain handlers to interact with the data on the remote endpoint since those handlers do not enforce appropriate permissions. Rockwell Automation recommends enabling built in security features found within FactoryTalk View SE. Users should follow guidance found in knowledge base articles 109056 and 1126943 to set up IPSec and/or HTTPs.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-factorytalk_viewFactoryTalk View SE
CWE ID-CWE-264
Not Available
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2024-37368
Matching Score-6
Assigner-Rockwell Automation
ShareView Details
Matching Score-6
Assigner-Rockwell Automation
CVSS Score-8.2||HIGH
EPSS-0.11% / 30.54%
||
7 Day CHG~0.00%
Published-14 Jun, 2024 | 14:30
Updated-31 Jan, 2025 | 15:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation FactoryTalk® View SE v11 Information Leakage Vulnerability via Authentication Restriction

A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. Due to the lack of proper authentication, this action is allowed without proper authentication verification.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-factorytalk_viewFactoryTalk® View SEfactorytalk_view
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-306
Missing Authentication for Critical Function
Details not found