Denial-of-Service Vulnerability in Rockwell Automation Products
CVE-2025-9177

7.7HIGH

Key Information:

Vendor: Rockwell Automation
Status: 1715-aentr Ethernet/ip Adapter
Vendor: CVE Published:; 14 October 2025

🔔 Create Rockwell Automation Vulnerability Alert

What is CVE-2025-9177?

A denial-of-service vulnerability in Rockwell Automation's web server can be exploited by sending a high volume of requests to the server, leading to potential crashes. While this prevents access to the webpage, it does not disrupt I/O control or communication. Users will need to cycle the power to restore functionality, highlighting the importance of implementing safeguards against excessive request loads to mitigate potential downtime.

Affected Version(s)

1715-AENTR EtherNet/IP Adapter Version 3.003 and prior

References

https://www.rockwellautomation.com/en-us/trust-center/sec...

CVSS V4

Score:

7.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 14, 2025
Vulnerability Reserved
Aug 19, 2025

JSON