Denial-of-Service Vulnerability in Rockwell Automation Controller
CVE-2025-9166
8.2HIGH
Key Information:
- Vendor
Rockwell Automation
- Status
- Vendor
- CVE Published:
- 9 September 2025
What is CVE-2025-9166?
A denial-of-service vulnerability has been identified in Rockwell Automation's controllers, where repeated attempts to forward messages can lead to a significant nonrecoverable fault in the system. This could severely disrupt operational continuity and requires immediate attention to mitigate risks associated with service interruptions.
Affected Version(s)
ControlLogix® 5580 Version 35.013