CVE-2025-13824

Published: Dec 15, 2025

Modified: Dec 15, 2025

PUBLISHED

Description

A security issue exists due to improper handling of malformed CIP packets during fuzzing. The controller enters a hard fault with solid red Fault LED and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and reports fault code 0xF019. To recover, clear the fault.

Vendor	Product	Versions
Rockwell Automation	Micro820®, Micro850®, Micro870®	affected `V23.011 and below` affected `V12.013 and lower` affected `V14.011 and lower`

Weaknesses (CWE)

CWE-763

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1766.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-13824

Description

Affected Products

Weaknesses (CWE)

References