{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-13824", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2025-12-01T14:29:33.649Z", "datePublished": "2025-12-15T15:20:52.952Z", "dateUpdated": "2025-12-15T17:09:43.346Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Micro820\u00ae, Micro850\u00ae, Micro870\u00ae", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "V23.011 and below"}, {"status": "affected", "version": "V12.013 and lower"}, {"status": "affected", "version": "V14.011 and lower"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault with solid red Fault LED and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and reports fault code\u202f0xF019. To recover,\u202fclear the fault.</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span>"}], "value": "A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault with solid red Fault LED and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and reports fault code\u202f0xF019. To recover,\u202fclear the fault."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-763", "description": "CWE-763: Release of Invalid Pointer or Reference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2025-12-15T15:20:52.952Z"}, "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1766.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112&amp;mode=3&amp;refSoft=1&amp;versions=64421\">V23.012</a>,&nbsp;\n\n<span style=\"background-color: rgb(255, 255, 255);\">Migrate to the newer Micro850/870 controllers (L50E/L70E </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112&amp;mode=3&amp;refSoft=1&amp;versions=64421\">V23.012</a><span style=\"background-color: rgb(255, 255, 255);\">)</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;,&nbsp;\n\n<span style=\"background-color: rgb(255, 255, 255);\">Migrate to the newer Micro820 controllers (L20E V23.011)</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span>\n\n</span><br>"}], "value": "V23.012 https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx ,\u00a0\n\nMigrate to the newer Micro850/870 controllers (L50E/L70E V23.012 https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx )\u00a0,\u00a0\n\nMigrate to the newer Micro820 controllers (L20E V23.011)"}], "source": {"advisory": "SD1766", "discovery": "UNKNOWN"}, "title": "Micro820\u00ae, Micro850\u00ae, Micro870\u00ae \u2013 Specialized Fuzzing Vulnerabilities", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-15T17:09:38.064268Z", "id": "CVE-2025-13824", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-15T17:09:43.346Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-13824", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-15T17:09:38.064268Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-15T16:36:09.352Z"}}], "cna": {"title": "Micro820\u00ae, Micro850\u00ae, Micro870\u00ae \u2013 Specialized Fuzzing Vulnerabilities", "source": {"advisory": "SD1766", "discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Rockwell Automation", "product": "Micro820\u00ae, Micro850\u00ae, Micro870\u00ae", "versions": [{"status": "affected", "version": "V23.011 and below"}, {"status": "affected", "version": "V12.013 and lower"}, {"status": "affected", "version": "V14.011 and lower"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "V23.012 https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx ,\u00a0\n\nMigrate to the newer Micro850/870 controllers (L50E/L70E V23.012 https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx )\u00a0,\u00a0\n\nMigrate to the newer Micro820 controllers (L20E V23.011)", "supportingMedia": [{"type": "text/html", "value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112&amp;mode=3&amp;refSoft=1&amp;versions=64421\">V23.012</a>,&nbsp;\n\n<span style=\"background-color: rgb(255, 255, 255);\">Migrate to the newer Micro850/870 controllers (L50E/L70E </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112&amp;mode=3&amp;refSoft=1&amp;versions=64421\">V23.012</a><span style=\"background-color: rgb(255, 255, 255);\">)</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;,&nbsp;\n\n<span style=\"background-color: rgb(255, 255, 255);\">Migrate to the newer Micro820 controllers (L20E V23.011)</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span>\n\n</span><br>", "base64": false}]}], "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1766.html"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault with solid red Fault LED and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and reports fault code\u202f0xF019. To recover,\u202fclear the fault.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault with solid red Fault LED and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and reports fault code\u202f0xF019. To recover,\u202fclear the fault.</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-763", "description": "CWE-763: Release of Invalid Pointer or Reference"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2025-12-15T15:20:52.952Z"}}}, "cveMetadata": {"cveId": "CVE-2025-13824", "state": "PUBLISHED", "dateUpdated": "2025-12-15T17:09:43.346Z", "dateReserved": "2025-12-01T14:29:33.649Z", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "datePublished": "2025-12-15T15:20:52.952Z", "assignerShortName": "Rockwell"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault with solid red Fault LED and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and reports fault code\u202f0xF019. To recover,\u202fclear the fault."}], "id": "CVE-2025-13824", "lastModified": "2025-12-15T18:22:13.783", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}, "published": "2025-12-15T16:15:50.197", "references": [{"source": "PSIRT@rockwellautomation.com", "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1766.html"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-763"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}

{}

{"created": "2025-12-15T21:33:37.352404+00:00", "updated": "2025-12-15T21:33:37.352447+00:00", "vendors": ["rockwellautomation", "rockwellautomation$PRODUCT$micro820", "rockwellautomation$PRODUCT$micro850", "rockwellautomation$PRODUCT$micro870"]}