Multiple Broken Authentication Issues in Rockwell Automation Products
CVE-2025-7328

9.9 CRITICAL

Key Information:

Vendor
CVE Published: 14 October 2025

What is CVE-2025-7328?

Multiple broken authentication security issues are present in Rockwell Automation products due to inadequate authentication checks on critical functions. These vulnerabilities could lead to significant consequences, including potential denial-of-service attacks, unauthorized admin account takeover, and harmful modifications to NAT rules. This could obstruct device communication and redirect it to incorrect endpoints, posing serious operational challenges. Additionally, unauthorized access to admin accounts would allow malicious actors to alter configurations, potentially necessitating physical access to restore affected systems.

Affected Version(s)

Comms - 1783-NATR Version 1.006 and prior

CVSS V4

Score: 9.9
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
