cve-2025-9437

About this tag
CVE-2025-9437 is a denial-of-service vulnerability in Rockwell Automation's ArmorStart Classic distributed motor controller, specifically in the Studio 5000 Logix Designer add-on profile (AOP). The flaw can be triggered by feeding invalid values into Component Object Model (COM) methods, affecting ArmorStart AOP version V2.05.07 and earlier. As of the advisory, no corrected release is available, so operators must rely on defensive controls and risk-mitigation measures. This tag covers discussions about the vulnerability, its impact on industrial control systems, and recommended mitigations until a patch is released.
  1. ArmorStart AOP DoS CVE-2025-9437: Patch Not Available, Mitigations Ahead

    Rockwell Automation has confirmed a denial‑of‑service vulnerability in the Studio 5000 Logix Designer add‑on profile (AOP) for the ArmorStart Classic distributed motor controller that can be triggered by feeding invalid values into Component Object Model (COM) methods; the issue is tracked as...