Summary
Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition.
The following versions of Rockwell Automation ArmorStart LT are affected:
- ArmorStart LT 290D <=V2.002 (CVE-2025-9464, CVE-2025-9465, CVE-2025-9466, CVE-2025-9278, CVE-2025-9279, CVE-2025-9280, CVE-2025-9281, CVE-2025-9282, CVE-2025-9283)
- ArmorStart LT 291D <=V2.002 (CVE-2025-9464, CVE-2025-9465, CVE-2025-9466, CVE-2025-9278, CVE-2025-9279, CVE-2025-9280, CVE-2025-9281, CVE-2025-9282, CVE-2025-9283)
- ArmorStart LT 294D <=V2.002 (CVE-2025-9464, CVE-2025-9465, CVE-2025-9466, CVE-2025-9278, CVE-2025-9279, CVE-2025-9280, CVE-2025-9281, CVE-2025-9282, CVE-2025-9283)
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 7.5 | Rockwell Automation | Rockwell Automation ArmorStart LT | Uncontrolled Resource Consumption |
Background
- Critical Infrastructure Sectors: Critical Manufacturing
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: United States
Vulnerabilities
CVE-2025-9464
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. This vulnerability is triggered during fuzzing of multiple CIP classes, which causes the CIP port to become unresponsive.
Affected Products
Rockwell Automation ArmorStart LT
Vendor:
Rockwell Automation
Rockwell Automation
Product Version:
Rockwell Automation ArmorStart LT 290D: <=V2.002, Rockwell Automation ArmorStart LT 291D: <=V2.002, Rockwell
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Rockwell Automation ArmorStart LT 290D: <=V2.002, Rockwell Automation ArmorStart LT 291D: <=V2.002, Rockwell
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from All CISA Advisories
Read the original article: