CVE-2025-14377

Published: Jan 20, 2026

Modified: Jan 20, 2026

PUBLISHED

Description

A security issue was discovered within the legacy Ansible playbook component of Verve Asset Manager, caused by plaintext secrets incorrectly stored when a playbook is running. This component has been retired and has been optional since the 1.36 release in 2024.

Vendor	Product	Versions
Rockwell Automation	Verve Asset Manager	affected `1.33 1.34 1.35 1.36 1.37 1.38 1.39 1.40 1.41 1.41.1 1.41.2 1.41.3`

Weaknesses (CWE)

CWE-312

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1767.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-14377

Description

Affected Products

Weaknesses (CWE)

References