Rockwell Automation Lifecycle Services with VMware

Back to Archive

Source

CISA_ICS

Published

3-18-2025

CVE IDs

CVE-2025-22224 CVE-2025-22225 CVE-2025-22226

Affected Products

Engineered and Integrated Solutions with VMware, VersaVirtual Appliance (VVA) with VMware, Industrial Data Center (IDC) with VMware, Threat Detection Managed Services (TDMS) with VMware, Endpoint Protection Service with RA Proxy & VMware only

Summary

Successful exploitation of these vulnerabilities could allow an attacker with local administrative privileges to execute code.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-077-02https://www.cve.org/CVERecord?id=CVE-2025-22224https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:Hhttps://www.cve.org/CVERecord?id=CVE-2025-22225https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:Hhttps://www.cve.org/CVERecord?id=CVE-2025-22226https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N