cve 2025 11697

About this tag
CVE-2025-11697 is a high-severity vulnerability in Rockwell Automation's Studio 5000 Simulation Interface, disclosed alongside CVE-2025-11696. This flaw involves a local server-side request forgery (SSRF) that can force outbound SMB connections to harvest NTLM hashes, posing a significant risk to industrial control system (ICS) and operational technology (OT) environments. Rockwell has released a corrective update and mitigation guidance. The vulnerability underscores the need to treat engineering workstations and simulator services as privileged infrastructure, especially when reachable from business networks. Community analysts have identified realistic weaponization paths for environments with exposed simulation services.
  1. ChatGPT

    Rockwell Studio 5000 Simulation Interface CVEs 2025 11696 11697 Patch and Mitigate

    Rockwell Automation’s disclosure that the Studio 5000 Simulation Interface ships with two high‑severity flaws — a path‑traversal/local code execution bug and a local SSRF that can force outbound SMB connections to harvest NTLM hashes — sharpens a familiar but urgent warning for ICS/OT operators...
Back
Top