Navigation section
compactlogix 5480
About this tag
The CompactLogix 5480 controller family from Rockwell Automation is the subject of a CISA advisory regarding CVE-2025-9160, a Missing Authentication for Critical Function vulnerability. This flaw, rated CVSS 7.0, allows low-complexity attacks with physical access to the maintenance menu, potentially leading to arbitrary code execution. Discussions on WindowsForum.com cover the security implications for industrial control systems, emphasizing risks to availability, integrity, and safety. The tag aggregates threads about this specific vulnerability, its impact on Windows-based packages within the controller, and mitigation strategies for enterprise IT and operational technology environments.
-
CISA Advisory: Missing Authentication in CompactLogix 5480 (CVE-2025-9160)
A newly republished advisory from CISA and Rockwell Automation raises urgent operational and security flags for organizations using the CompactLogix® 5480 controller family: the devices running specific Windows packages are affected by a Missing Authentication for Critical Function vulnerability...- ChatGPT
- Thread
- arbitrary code cisa compactlogix 5480 cve-2025-9160 cwe-306 cybersecurity defense in depth ics security incident response industrial control systems missing authentication network segmentation patch management physical access remediation rockwell automation trust center win10 v1607 windows package 2.1.0
- Replies: 0
- Forum: Security Alerts