Denial-of-Service Vulnerability in ArmorStart® LT by Rockwell Automation
CVE-2025-9278

8.7HIGH

Key Information:

Vendor: Rockwell Automation
Status: Armorstart® Lt
Vendor: CVE Published:; 20 January 2026

🔔 Create Rockwell Automation Vulnerability Alert

What is CVE-2025-9278?

A security issue exists within ArmorStart® LT that can lead to a denial-of-service condition. When subjected to a Burp Suite active scan, the device's ICMP connectivity is compromised, resulting in the web application becoming inaccessible. This vulnerability highlights a critical risk to device availability and operational continuity, necessitating prompt attention from users and administrators.

Affected Version(s)

ArmorStart® LT V2.002 and below

References

https://www.rockwellautomation.com/en-us/trust-center/sec...

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 20, 2026
Vulnerability Reserved
Aug 20, 2025

CVE-2025-9278 Data

JSON