September 9, 2025
Rockwell Automation has issued a security advisory for a critical vulnerability in its Stratix industrial Ethernet switches, tracked as CVE-2025-7350. The flaw, rated CVSS 9.6, could allow unauthenticated remote attackers to achieve remote code execution (RCE) by exploiting cross-site request forgery (CSRF) weaknesses.
According to Rockwell, “A security issue affecting multiple Cisco devices also directly impacts Stratix 5410, 5700, and 8000 devices. This can lead to remote code execution by uploading and running malicious configurations without authentication.”
The vulnerability exists in Stratix IOS software version 15.2(8)E5 and below. Improper handling of requests allows attackers to exploit the CSRF flaw, potentially replacing device configurations with malicious code that grants them full control.
The advisory lists the following Stratix product families as affected:
- 1783-BMS*
- 1783-ZMS*
- 1783-IMS*
- 1783-HMS*
- 1783-MS06T
- 1783-MS10T
Any deployment running Stratix IOS version 15.2(8)E5 or earlier is vulnerable.
Rockwell has released Stratix IOS version 15.2(8)E6 as the patched software. Customers are strongly urged to upgrade immediately.
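To turn the advisory's scope into an inventory check, the following script (added here; not Rockwell's code) flags devices that match one of the listed Stratix families and report an IOS release older than 15.2(8)E6. The sample inventory, its catalogue numbers and the assumption that train letters can be compared lexically are all constructed for this example.

```python
import re
from fnmatch import fnmatchcase

# Affected product families exactly as listed in the advisory ('*' = any suffix).
AFFECTED_PATTERNS = ("1783-BMS*", "1783-ZMS*", "1783-IMS*", "1783-HMS*",
                     "1783-MS06T", "1783-MS10T")
# First fixed release per the advisory; anything older is in scope.
FIXED_VERSION = "15.2(8)E6"

# Matches strings such as 15.2(8)E5 -> major.minor(maintenance)TRAIN rebuild
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\((\d+)\)([A-Za-z]*)(\d*)$")


def parse_ios_version(version: str) -> tuple:
    """Turn '15.2(8)E5' into a tuple that sorts in release order.
    Assumption: train letters are compared lexically, which is only
    meaningful when all devices run the same train (E here)."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised IOS version string: {version!r}")
    major, minor, maint, train, rebuild = m.groups()
    return (int(major), int(minor), int(maint), train.upper(),
            int(rebuild) if rebuild else 0)


def is_affected_model(model: str) -> bool:
    """True when the catalogue number falls in one of the listed families."""
    return any(fnmatchcase(model.upper(), p) for p in AFFECTED_PATTERNS)


def is_vulnerable(model: str, version: str) -> bool:
    """Affected family AND running a release older than the fixed one."""
    return (is_affected_model(model)
            and parse_ios_version(version) < parse_ios_version(FIXED_VERSION))


def triage(inventory):
    """Split (model, version) pairs into devices needing the upgrade and
    devices whose version could not be parsed; unparseable entries are
    reported rather than silently treated as safe."""
    needs_upgrade, unknown = [], []
    for model, version in inventory:
        try:
            if is_vulnerable(model, version):
                needs_upgrade.append((model, version))
        except ValueError:
            unknown.append((model, version))
    return needs_upgrade, unknown


# Constructed sample inventory (catalogue numbers and versions are made up).
SAMPLE_INVENTORY = [
    ("1783-BMS10CGN", "15.2(8)E5"),   # affected family, last vulnerable release
    ("1783-ZMS8TA", "15.2(8)E6"),     # affected family, already patched
    ("1783-MS06T", "15.2(7)E4"),      # affected model, older release
    ("1783-XYZ99", "15.2(8)E5"),      # not a listed family
    ("1783-HMS4C4CGN", "unknown"),    # version not collected
]
```

Run `triage(SAMPLE_INVENTORY)` to get the upgrade list and the entries whose version string needs to be re-collected.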
For those unable to upgrade, Rockwell recommends following “our security best practices.” This includes limiting network exposure of the devices, applying access control lists, and ensuring that only trusted users and systems can reach the management interfaces.