You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-7350
About this tag
CVE-2025-7350 is a critical injection vulnerability in Rockwell Automation Stratix IOS affecting multiple Stratix switch families. It allows remote attackers to upload and execute malicious configurations without authentication. CISA republished the advisory, assigning a CVSS v3.1 base score of 9.6 and a CVSS v4 base score of 8.6. Rockwell recommends upgrading to Stratix IOS 15.2(8)E6 or later. This vulnerability targets industrial networking gear at OT edges, posing significant risks to operational technology environments. Discussions on WindowsForum cover the technical details, affected devices, and urgent patching steps for CVE-2025-7350.
Rockwell Automation has confirmed a serious injection vulnerability in Stratix IOS that affects multiple Stratix switch families and can be exploited remotely to upload and run malicious configurations without authentication; CISA has republished Rockwell’s advisory and assigned CVE‑2025‑7350...