Rockwell Automation Studio 5000 Simulation Interface

Back to Archive

Source

CISA_ICS

Published

11-13-2025

CVE IDs

CVE-2025-11696 CVE-2025-11697

Affected Products

Studio 5000 Simulation Interface

Summary

Successful exploitation of these vulnerabilities could allow attackers to trigger outbound SMB requests to capture NTLM hashes and execute scripts with Administrator privileges upon system reboot.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-317-06https://www.cve.org/CVERecord?id=CVE-2025-11696https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:Hhttps://www.cve.org/CVERecord?id=CVE-2025-11697https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H