Denial-of-Service Vulnerability in Rockwell Automation 5370/5570 Controllers
CVE-2025-12011
9.2CRITICAL
Key Information:
- Vendor
Rockwell Automation
- Vendor
- CVE Published:
- 14 July 2026
What is CVE-2025-12011?
A significant vulnerability exists in Rockwell Automation's 5370 and 5570 controllers, where a remote attacker could exploit this flaw by loading an invalid project. This action potentially triggers a major non-recoverable fault (MNRF), resulting in a complete failure of the device, which may lead to system downtime. It is crucial for users of these controllers to implement necessary mitigations to safeguard against such remote exploitation.
Affected Version(s)
CompactLogix® 5370 Compact GuardLogix® 5370 ControlLogix® 5570 GuardLogix® 5570 35.015 and earlier