[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"branding":3,"analytics":7,"article-rockwell-plc-flaws-put-factory-floors-at-risk-of-shutdown":10,"sections":41},{"siteName":4,"siteTagline":5,"publisherName":4,"contactEmail":6},"The Revision","Tech news, decoded.","editor@therevision.news",{"gaMeasurementId":8,"adsenseClientId":9},"G-ZW2MV82GYR","ca-pub-8533917693782264",{"article":11},{"id":12,"slug":13,"title":14,"dek":15,"body_md":16,"tags_json":17,"published_at":18,"created_at":19,"updated_at":20,"status":21,"review_note":22,"review_notes":23,"image_url":22,"persona_id":22,"persona_name":22,"section":30,"tags":31,"sources":36,"feedback":40,"feedback_at":22,"cost_usd":40,"total_tokens":40},4766,"rockwell-plc-flaws-put-factory-floors-at-risk-of-shutdown","Rockwell PLC Flaws Put Factory Floors at Risk of Shutdown","Three buffer overflow bugs in Rockwell PLCs let unauthenticated remote attackers crash industrial controllers into an unrecoverable fault.","Three denial-of-service vulnerabilities in Rockwell Automation's CompactLogix, ControlLogix, and GuardLogix controllers can crash industrial devices into an unrecoverable state - no authentication required.\n\nA federal advisory covers three CVEs (CVE-2025-12011, CVE-2025-12012, and CVE-2025-11698) affecting nearly every variant of Rockwell's Logix controller family, including safety-rated GuardLogix models used in high-stakes environments. The flaws are classic buffer overflows: one lets a remote attacker load an invalid project to force a major non-recoverable fault on 5370\u002F5570 controllers; another lets an attacker write invalid file data to trigger the same outcome on 5380\u002F5480\u002F5580 models. All three carry a CVSS 4.0 score of 9.2 and require no privileges or user interaction to exploit. Recovery Image firmware at or below version 1.072 is also affected; those operators should upgrade to V36.013 or V37.011 or later, which ships with corrected boot firmware.\n\nRockwell's Logix family runs factory automation, automotive assembly, and other critical manufacturing infrastructure worldwide. A successful attack doesn't just pause a process - a major non-recoverable fault requires physical intervention to restore, turning a remote network exploit into a plant-floor crisis.\n\nICS vulnerabilities with unauthenticated remote access have been climbing for years, yet OT patch cycles routinely stretch months - giving attackers a long window to work with.","[\"ics-security\",\"vulnerabilities\",\"industrial-control-systems\",\"rockwell-automation\"]","2026-07-16T12:00:00.000Z","2026-07-16T15:53:47.088Z","2026-07-16T15:53:49.860Z","published",null,[24],{"id":25,"reviewer":26,"round":27,"reason":28,"status":29},"editor-r1","editor",1,"The article states the Recovery Image fix requires updating to firmware '1.072 or later,' but the source specifies the vulnerability affects versions at or below 1.072 — meaning 1.072 is the vulnerable version, not the fix; the correct remediation is to update to a version greater than 1.072 (or use V36.013\u002FV37.011+). Fix this factual inversion before publishing.","resolved","security",[32,33,34,35],"ics-security","vulnerabilities","industrial-control-systems","rockwell-automation",[37],{"name":38,"url":39},"CISA Advisories","https:\u002F\u002Fwww.cisa.gov\u002Fnews-events\u002Fics-advisories\u002Ficsa-26-197-06",0,{"sections":42},[43,48,52,57,62,67,72,77,82,87,92,97,102,107],{"name":44,"slug":45,"count":46,"latest_published_at":47},"AI","ai",2595,"2026-07-16T13:43:58.000Z",{"name":49,"slug":30,"count":50,"latest_published_at":51},"Security",301,"2026-07-16T16:05:00.000Z",{"name":53,"slug":54,"count":55,"latest_published_at":56},"Deals","deals",179,"2026-06-29T20:02:07.000Z",{"name":58,"slug":59,"count":60,"latest_published_at":61},"Policy","policy",162,"2026-07-16T18:16:53.000Z",{"name":63,"slug":64,"count":65,"latest_published_at":66},"Hardware","hardware",125,"2026-07-16T15:39:09.000Z",{"name":68,"slug":69,"count":70,"latest_published_at":71},"Consumer Tech","consumer-tech",94,"2026-07-16T16:29:46.000Z",{"name":73,"slug":74,"count":75,"latest_published_at":76},"Software","software",71,"2026-07-16T15:33:28.000Z",{"name":78,"slug":79,"count":80,"latest_published_at":81},"Science","science",66,"2026-07-10T10:29:37.000Z",{"name":83,"slug":84,"count":85,"latest_published_at":86},"Dev Tools","dev-tools",60,"2026-07-16T16:59:13.000Z",{"name":88,"slug":89,"count":90,"latest_published_at":91},"Startups","startups",42,"2026-07-16T16:30:35.000Z",{"name":93,"slug":94,"count":95,"latest_published_at":96},"Gaming","gaming",41,"2026-07-09T04:00:00.000Z",{"name":98,"slug":99,"count":100,"latest_published_at":101},"General","general",29,"2026-07-10T22:28:58.000Z",{"name":103,"slug":104,"count":105,"latest_published_at":106},"Reviews","reviews",20,"2026-06-24T12:00:01.000Z",{"name":108,"slug":109,"count":110,"latest_published_at":111},"How-To","how-to",6,"2026-06-16T09:00:00.000Z"]