CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2025-7328

CVSS 9.9v4.0pub. 2025-10-14upd. 2025-10-29

Multiple Broken Authentication security issues exist in the affected product. The security issues are due to missing authentication checks on critical functions. These could result in potential denial-of-service, admin account takeover, or NAT rule modifications. Devices would no longer be able to communicate through NATR as a result of denial-of-service or NAT rule modifications. NAT rule modification could also result in device communication to incorrect endpoints. Admin account takeover could allow modification of configuration and require physical access to restore.

🤖 AI Analysis
How it works

The vulnerabilities result from the lack of authentication mechanisms (CWE-306) protecting critical device functions. An unauthenticated attacker can remotely invoke these functions directly without providing any credentials. As a result, it is possible to take over the administrator account, modify network address translation (NAT) rules, or cause the device to enter a denial-of-service state. Modification of NAT rules can redirect network traffic to incorrect endpoints, disrupting communication of industrial devices.

Impact

An attacker can completely take over the administrator account and change device configuration, block communication through NATR via denial-of-service, or redirect network traffic to unauthorized endpoints. Restoring the device after administrator account takeover may require physical access to the hardware.

Mitigation & patch

Patches available from the manufacturer should be applied in accordance with the references — details in the Rockwell Automation security bulletin SD1756 available at: https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1756.html

Who is affected

Rockwell Automation 1783-NATR and 1783-NATR firmware — versions indicated in the manufacturer's references

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Rockwellautomation 1783 Natr

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation 1783 Natr Firmware

    OS
    Rockwellautomation
    < 1.007
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2025-7329HIGH8.5ten sam produkt

A Stored Cross-Site Scripting security issue exists in the affected product that could potentially allow a mal...

CVE-2025-7330HIGH7.0ten sam produkt

A cross-site request forgery security issue exists in the product and version listed. The vulnerability stems ...

CVE-2023-20198CRITICAL10.0⚠ KEVten sam vendor

Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in...

CVE-2021-22681CRITICAL9.8⚠ KEVten sam vendor

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 ...

CVE-2025-0477CRITICAL9.3PL ✓ten sam vendor

Słabe szyfrowanie haseł w Rockwell Automation FactoryTalk AssetCentre