1. Home
  2. CVE Database
  3. CVE-2025-7328
CRITICAL · 9.8

CVE-2025-7328

Multiple Broken Authentication security issues exist in the affected product. The security issues are due to missing authentication checks on critical functions. These could result in potential denial...

Vulnerability Description

Multiple Broken Authentication security issues exist in the affected product. The security issues are due to missing authentication checks on critical functions. These could result in potential denial-of-service, admin account takeover, or NAT rule modifications. Devices would no longer be able to communicate through NATR as a result of denial-of-service or NAT rule modifications. NAT rule modification could also result in device communication to incorrect endpoints. Admin account takeover could allow modification of configuration and require physical access to restore.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
Rockwellautomation1783-Natr Firmware< 1.007
Rockwellautomation1783-Natr-

Related Weaknesses (CWE)

CWE-306

References

FAQ

What is CVE-2025-7328?

CVE-2025-7328 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Multiple Broken Authentication security issues exist in the affected product. The security issues are due to missing authentication checks on critical functions. These could result in potential denial...

How severe is CVE-2025-7328?

CVE-2025-7328 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2025-7328?

Check the references section above for vendor advisories and patch information. Affected products include: Rockwellautomation 1783-Natr Firmware, Rockwellautomation 1783-Natr.