Summary
Successful exploitation of this vulnerability could result in a denial-of-service condition.
The following versions of Rockwell Automation 432ES-IG3 Series A are affected:
- 432ES-IG3 Series A (CVE-2025-9368)
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 7.5 | Rockwell Automation | Rockwell Automation 432ES-IG3 Series A | Allocation of Resources Without Limits or Throttling |
Background
- Critical Infrastructure Sectors: Critical Manufacturing
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: United States
Vulnerabilities
CVE-2025-9368
A security issue exists within 432ES-IG3 Series A, which affects GuardLink EtherNet/IP Interface, resulting in a denial-of-service condition. A manual power cycle is required to recover the device.
Affected Products
Rockwell Automation 432ES-IG3 Series A
Rockwell Automation
Rockwell Automation 432ES-IG3 Series A: V1.001
known_affected
Remediations
Vendor fix
Rockwell Automation recommends users of 432ES-IG3 Series A update to V2.001.9 or later. The upgrade can be downloaded from the Rockwell Automation website.
Mitigation
Rockwell Automation users using the affected software, who are not able to upgrade to one of the corrected versions, should follow Rockwell Automation’s security best practices.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: