CVE-2025-7328

Published: Oct 14, 2025

Modified: Oct 14, 2025

PUBLISHED

Description

Multiple Broken Authentication security issues exist in the affected product. The security issues are due to missing authentication checks on critical functions. These could result in potential denial-of-service, admin account takeover, or NAT rule modifications. Devices would no longer be able to communicate through NATR as a result of denial-of-service or NAT rule modifications. NAT rule modification could also result in device communication to incorrect endpoints. Admin account takeover could allow modification of configuration and require physical access to restore.

Vendor	Product	Versions
Rockwell Automation	Comms - 1783-NATR	affected `Version 1.006 and prior`

Weaknesses (CWE)

CWE-306

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1756.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-7328

Description

Affected Products

Weaknesses (CWE)

References