Remote Code Execution Vulnerability in Cisco Stratix Devices
CVE-2025-7350

8.6HIGH

Key Information:

Vendor: Rockwell Automation
Status: Stratix iOS
Vendor: CVE Published:; 9 September 2025

🔔 Create Rockwell Automation Vulnerability Alert

What is CVE-2025-7350?

A security issue has been identified in multiple Cisco devices that poses a significant threat to Stratix® 5410, 5700, and 8000 models. This vulnerability enables an attacker to execute arbitrary code remotely by uploading malicious configurations without the need for authentication. This poses serious risks to the integrity and security of the affected systems, highlighting the importance of applying security updates and following best practices.

Affected Version(s)

Stratix IOS 15.2(8)E5 and below

References

https://www.rockwellautomation.com/en-us/trust-center/sec...

CVSS V4

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 9, 2025
Vulnerability Reserved
Jul 8, 2025

JSON