{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-13824","assignerOrgId":"b73dd486-f505-4403-b634-40b078b177f0","state":"PUBLISHED","assignerShortName":"Rockwell","dateReserved":"2025-12-01T14:29:33.649Z","datePublished":"2025-12-15T15:20:52.952Z","dateUpdated":"2025-12-15T17:09:43.346Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Micro820®, Micro850®, Micro870®","vendor":"Rockwell Automation","versions":[{"status":"affected","version":"V23.011 and below"},{"status":"affected","version":"V12.013 and lower"},{"status":"affected","version":"V14.011 and lower"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault with solid red Fault LED and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and reports fault code 0xF019. To recover, clear the fault. "}],"value":"A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault with solid red Fault LED and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and reports fault code 0xF019. To recover, clear the fault."}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":8.7,"baseSeverity":"HIGH","exploitMaturity":"NOT_DEFINED","privilegesRequired":"NONE","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-763","description":"CWE-763: Release of Invalid Pointer or Reference","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"b73dd486-f505-4403-b634-40b078b177f0","shortName":"Rockwell","dateUpdated":"2025-12-15T15:20:52.952Z"},"references":[{"url":"https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1766.html"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"V23.012, \n\nMigrate to the newer Micro850/870 controllers (L50E/L70E V23.012) , \n\nMigrate to the newer Micro820 controllers (L20E V23.011) \n\n
"}],"value":"V23.012 https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx , \n\nMigrate to the newer Micro850/870 controllers (L50E/L70E V23.012 https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx ) , \n\nMigrate to the newer Micro820 controllers (L20E V23.011)"}],"source":{"advisory":"SD1766","discovery":"UNKNOWN"},"title":"Micro820®, Micro850®, Micro870® – Specialized Fuzzing Vulnerabilities","x_generator":{"engine":"Vulnogram 0.5.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-12-15T17:09:38.064268Z","id":"CVE-2025-13824","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-12-15T17:09:43.346Z"}}]}}