Cross-Site Request Forgery Vulnerability in Rockwell Automation Product
CVE-2025-7330

7HIGH

Key Information:

Vendor

Rockwell Automation
Status
Comms - 1783-natr
Vendor
CVE Published:
14 October 2025

What is CVE-2025-7330?

A security issue related to cross-site request forgery has been identified in certain Rockwell Automation products. This vulnerability arises from inadequate CSRF checks on affected forms, which could allow an attacker to manipulate configuration settings if they successfully trick a logged-in administrator into clicking on a malicious link. It is crucial for users to implement necessary security measures to mitigate the risks associated with this vulnerability.

Affected Version(s)

Comms - 1783-NATR Version 1.006 and prior

References

https://www.rockwellautomation.com/en-us/trust-center/sec...

CVSS V4

Score:
7
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-7330 : Cross-Site Request Forgery Vulnerability in Rockwell Automation Product