CVE-2025-9280
Published: 20 January 2026
Summary
CVE-2025-9280 is a high-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Rockwellautomation Armorstart Lt Firmware. Its CVSS base score is 8.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 33.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SC-6 (Resource Availability).
Deeper analysis
CVE-2025-9280 is a vulnerability within ArmorStart® LT that can result in a denial-of-service condition. The issue was identified through fuzzing performed using Defensics, which causes the device to become unresponsive and requires a reboot to recover. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is linked to CWE-400 (Uncontrolled Resource Consumption).
The vulnerability is exploitable over the network by unauthenticated attackers with low attack complexity and no user interaction required. Successful exploitation achieves high-impact disruption to availability, rendering the ArmorStart® LT device unresponsive without affecting confidentiality or integrity.
Mitigation details are provided in the Rockwell Automation security advisory SD1768, available at https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1768.html.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-3432
Vulnerability details
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. Fuzzing performed using Defensics causes the device to become unresponsive, requiring a reboot.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Direct mapping to application/system exploitation causing DoS via resource exhaustion over network (CWE-400).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly protects against or limits effects of network-based denial-of-service events like the fuzzing-induced unresponsiveness in CVE-2025-9280.
Ensures availability of critical resources such as processing power and memory to counter CWE-400 uncontrolled resource consumption causing device DoS.
Mandates timely flaw remediation and patching for vulnerabilities like CVE-2025-9280 as detailed in the vendor security advisory SD1768.