Denial-of-Service Vulnerability in ArmorStart Classic Motor Controller by Rockwell Automation
CVE-2025-9437

8.7HIGH

Key Information:

Vendor: Rockwell Automation
Status: Armorstart Aop
Vendor: CVE Published:; 14 October 2025

🔔 Create Rockwell Automation Vulnerability Alert

What is CVE-2025-9437?

A vulnerability exists within the ArmorStart Classic distributed motor controller that can lead to denial-of-service conditions. This issue arises from the input of invalid values into the Component Object Model (COM) methods used by the Studio 5000 Logix Designer add-on profile. Exploiting this vulnerability could disrupt operations and impact the functionality of connected systems.

Affected Version(s)

ArmorStart AOP V2.05.07

References

https://www.rockwellautomation.com/en-us/trust-center/sec...

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 14, 2025
Vulnerability Reserved
Aug 25, 2025

JSON