
Micro800 – Multiple Vulnerabilities

Severity: Critical
Advisory ID: SD1736
Published Date: August 14, 2025
Last Updated: August 14, 2025
Revision Number: 1.0
Known Exploited Vulnerability (KEV): No
Corrected: Yes
Workaround: No

Downloads
The following link(s) provide the security advisory in Vulnerability Exploitability Exchange format:
JSON

Summary

Published Date: 8/14/2025 
Last Updated: 8/14/2025 
Revision Number: 1.0 
CVSS Score: 9.8/10

The security of our products is important to us as your chosen industrial automation supplier. This anomaly was found internally during routine testing and is being reported based on our commitment to customer transparency and to improve their business or production environments.

AFFECTED PRODUCTS AND SOLUTION

| CVE | Affected Product | First Known in Software Version | Corrected in Software Version |
|---|---|---|---|
| CVE-2023-48691 | PLC Micro820 LC20 | V14.011 and below | Migrate to Micro820 L20E V 23.011 and later (this has yet to be released, target to release in Sept 2025) |
| CVE-2023-48691 | PLC Micro850 LC50 | V12.013 and below | Migrate to Micro850 L50E V 23.011 and later |
| CVE-2023-48691 | PLC Micro870 LC70 | V12.013 and below | Migrate to Micro870 L70E V 23.011 and later |
| CVE-2023-48691 | PLC - Micro850 L50E | V20.011 - V22.011 | V23.011 and later |
| CVE-2023-48691 | PLC - Micro870 L70E | V20.011 - V22.011 | V23.011 and later |
| CVE-2023-48692 | PLC Micro820 LC20 | V14.011 and below | Migrate to Micro820 L20E V 23.011 and later (this has yet to be released, target to release in Sept 2025) |
| CVE-2023-48692 | PLC Micro850 LC50 | V12.013 and below | Migrate to Micro850 L50E V 23.011 and later |
| CVE-2023-48692 | PLC Micro870 LC70 | V12.013 and below | Migrate to Micro870 L70E V 23.011 and later |
| CVE-2023-48692 | PLC - Micro850 L50E | V20.011 - V22.011 | V23.011 and later |
| CVE-2023-48692 | PLC - Micro870 L70E | V20.011 - V22.011 | V23.011 and later |
| CVE-2023-48693 | PLC Micro820 LC20 | V14.011 and below | Migrate to Micro820 L20E V 23.011 and later (this has yet to be released, target to release in Sept 2025) |
| CVE-2023-48693 | PLC Micro850 LC50 | V12.013 and below | Migrate to Micro850 L50E V 23.011 and later |
| CVE-2023-48693 | PLC Micro870 LC70 | V12.013 and below | Migrate to Micro870 L70E V 23.011 and later |
| CVE-2023-48693 | PLC - Micro850 L50E | V20.011 - V22.011 | V23.011 and later |
| CVE-2023-48693 | PLC - Micro870 L70E | V20.011 - V22.011 | V23.011 and later |
| CVE-2025-7693 | PLC - Micro850 L50E | V20.011 - V22.011 | V23.011 and later |
| CVE-2025-7693 | PLC - Micro870 L70E | V20.011 - V22.011 | V23.011 and later |

VULNERABILITY DETAILS

Rockwell Automation used the latest version of the CVSS scoring system to assess the following vulnerabilities.

CVE-2023-48691 IMPACT

Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause an out-of-bounds write in Azure RTOS NetX Duo that could lead to remote code execution. The affected components include a process related to the IGMP protocol in RTOS v6.2.1 and below. The fix has been included in NetX Duo release 6.3.0. Users are advised to upgrade.

CVSS 3.1 Base Score: 9.8 
CVSS 3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 4.0 Base Score: 9.3 
CVSS 4.0 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE: CWE-1395: Dependency on Vulnerable Third-Party Component 
Known Exploited Vulnerability (KEV) database: No

CVE-2023-48692 IMPACT

Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NetX Duo. The affected components include processes/functions related to ICMP, TCP, SNMP, DHCP, NAT and FTP in RTOS v6.2.1 and below. The fixes have been included in NetX Duo release 6.3.0. Users are advised to upgrade.

CVSS 3.1 Base Score: 9.8 
CVSS 3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 4.0 Base Score: 9.3 
CVSS 4.0 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE: CWE-1395: Dependency on Vulnerable Third-Party Component 
Known Exploited Vulnerability (KEV) database: No

CVE-2023-48693 IMPACT

Azure RTOS ThreadX is an advanced real-time operating system (RTOS) designed specifically for deeply embedded applications. An attacker can cause arbitrary read and write due to a vulnerability in the parameter checking mechanism in Azure RTOS ThreadX, which may lead to privilege escalation. The affected components include RTOS ThreadX v6.2.1 and below. The fixes have been included in ThreadX release 6.3.0. Users are advised to upgrade.

CVSS 3.1 Base Score: 9.8 
CVSS 3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 4.0 Base Score: 9.3 
CVSS 4.0 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE: CWE-1395: Dependency on Vulnerable Third-Party Component 
Known Exploited Vulnerability (KEV) database: No

CVE-2025-7693 IMPACT

A security issue exists due to improper handling of malformed CIP Forward Close packets during fuzzing. The controller enters a solid red Fault LED state and becomes unresponsive. Upon power cycle, the controller enters a recoverable fault in which the MS LED and Fault LED flash red and the controller reports fault code 0xF015. To recover, clear the fault.

CVSS 3.1 Base Score: 9.8 
CVSS 3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 4.0 Base Score: 9.3 
CVSS 4.0 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE:  CWE-20: Improper Input Validation 
Known Exploited Vulnerability (KEV) database: No

Mitigations and Workarounds
Users should update to the corrected version if possible. Users who are not able to upgrade the affected software should apply security best practices.

  • Security Best Practices
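
To apply the update guidance to an asset list, the sketch below checks controller firmware against the version ranges in the affected-products table. It is an added example, not part of the advisory or any Rockwell Automation tool; the inventory rows, asset tags, product-name keys and status labels are assumptions made for illustration.

```python
import re

# Ranges transcribed from the advisory's affected-products table.
# Entry: (lowest affected or None for "and below", highest affected, CVEs, remediation)
LEGACY = ["CVE-2023-48691", "CVE-2023-48692", "CVE-2023-48693"]
ALL_FOUR = LEGACY + ["CVE-2025-7693"]
ADVISORY = {
    "Micro820 LC20": (None, (14, 11), LEGACY,
                      "Migrate to Micro820 L20E V23.011 and later (not yet released per advisory)"),
    "Micro850 LC50": (None, (12, 13), LEGACY, "Migrate to Micro850 L50E V23.011 and later"),
    "Micro870 LC70": (None, (12, 13), LEGACY, "Migrate to Micro870 L70E V23.011 and later"),
    "Micro850 L50E": ((20, 11), (22, 11), ALL_FOUR, "Update to V23.011 and later"),
    "Micro870 L70E": ((20, 11), (22, 11), ALL_FOUR, "Update to V23.011 and later"),
}

def parse_version(text):
    """'V12.013' or '12.013' -> (12, 13); raises ValueError on anything else."""
    m = re.fullmatch(r"\s*[Vv]?\s*(\d+)\.(\d+)\s*", text)
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return int(m.group(1)), int(m.group(2))

def triage(product, version):
    """Return (status, cves, remediation) for one inventory row."""
    entry = ADVISORY.get(product)
    if entry is None:
        return ("not-listed", [], None)        # product not named in the advisory
    low, high, cves, fix = entry
    try:
        v = parse_version(version)
    except ValueError:
        return ("review", cves, fix)           # unreadable firmware string: check by hand
    if v > high or (low is not None and v < low):
        return ("outside-range", [], None)     # outside the listed range, not proof of safety
    return ("affected", cves, fix)

# Constructed sample inventory: (asset tag, product, firmware version).
INVENTORY = [
    ("PLC-01", "Micro850 LC50", "V12.013"),
    ("PLC-02", "Micro850 L50E", "V21.011"),
    ("PLC-03", "Micro870 L70E", "V23.011"),
    ("PLC-04", "Micro820 LC20", "V11.011"),
    ("PLC-05", "Micro870 L70E", "unknown"),
]

def report(inventory):
    """Map each asset tag to its triage status."""
    return {tag: triage(product, version)[0] for tag, product, version in inventory}

if __name__ == "__main__":
    for tag, product, version in INVENTORY:
        print(tag, product, version, *triage(product, version))
```
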

Glossary:

  • TCP/IP: language computers use to talk to each other on a network or the internet

  • IoT: network of physical devices, like a thermostat, fridge, or car

  • Remote Code Execution: allows attackers to run arbitrary code on a remote machine, connecting to it over public or private networks

  • IGMP: (Internet Group Management Protocol) Used by IP hosts and adjacent routers to establish multicast group memberships.

  • ICMP: (Internet Control Message Protocol) Used for sending error messages and operational information, such as when a service is unavailable or a host/router cannot be reached.

  • TCP: (Transmission Control Protocol) A connection-oriented protocol that ensures reliable data transmission between devices.

  • SNMP: (Simple Network Management Protocol) Used for collecting and organizing information about managed devices on IP.

  • DHCP: (Dynamic Host Configuration Protocol) Automatically assigns IP addresses and other network configuration parameters to devices on a network, allowing them to communicate effectively.

  • NAT: (Network Address Translation) A method used to remap IP addresses by modifying network address information in packet headers.

  • FTP: (File Transfer Protocol) Uses two primary ports for its operations: Port 21 and Port 20. These ports play distinct roles in facilitating file transfers between clients and servers.

  • Parameter: setting or value that helps define how data is transmitted, received, or managed across a network

  • CIP: (Common Industrial Protocol) a communication protocol designed for automation applications in industrial settings

  • Fuzzing: a technique that focuses on discovering vulnerabilities by providing a large amount of random and unexpected data inputs to a software system to trigger faults and find implementation bugs
