CVE-2025-7328

CVSS v4.0

9.9

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Name of the Vulnerable Software and Affected Versions Rockwell Automation 1783-NATR (affected versions not specified)

Description The affected product contains multiple broken authentication issues stemming from missing authentication checks on critical functions. These issues could lead to denial-of-service, administrative account takeover, or modifications to Network Address Translation (NAT) rules. A denial-of-service or NAT rule modifications could prevent devices from communicating through NATR. Modification of NAT rules could also cause device communication to incorrect endpoints. Successful administrative account takeover could allow for configuration modifications, potentially requiring physical access to restore the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2025-7328

Affected Products

1783-Natr

CVE-2025-7328

Weakness Enumeration

Related Identifiers

Affected Products

References · 5