CVE-2025-7353

Published: Aug 14, 2025

Modified: Feb 26, 2026

PUBLISHED

Description

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow.

Vendor	Product	Versions
Rockwell Automation	1756-EN2T/D	affected `Version 11.004 or below`
Rockwell Automation	1756-EN2F/C	affected `Version 11.004 or below`
Rockwell Automation	1756-EN2TR/C	affected `Version 11.004 or below`
Rockwell Automation	1756-EN3TR/B	affected `Version 11.004 or below`
Rockwell Automation	1756-EN2TP/A	affected `Version 11.004 or below`

Weaknesses (CWE)

CWE-1188

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1732.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-7353

Description

Affected Products

Weaknesses (CWE)

References