Rockwell Automation PowerFlex 755

Plan PatchCVSS 7.5ICS-CERT ICSA-25-056-01Feb 25, 2025

Rockwell AutomationEnergy

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Rockwell Automation PowerFlex 755 firmware versions 16.002.279 and earlier contain a vulnerability that could expose sensitive data. The vulnerability is not remotely exploitable. Rockwell has released patched firmware version 20.3.407 to address this issue.

What this means

What could happen

An attacker with local or network access to an unpatched PowerFlex 755 drive could extract sensitive configuration or operational data, potentially compromising drive settings, tuning parameters, or other proprietary information.

Who's at risk

Energy utilities and industrial plants relying on Rockwell PowerFlex 755 variable frequency drives (VFDs) for motor control should prioritize this patch. PowerFlex 755 drives are widely used in water pumping systems, compressors, conveyor systems, and other critical rotating equipment in the energy sector.

How it could be exploited

An attacker must gain local or direct network access to the PowerFlex 755 drive (not remotely exploitable via the internet). Once connected, they could extract sensitive data from the device's firmware or configuration storage without requiring authentication.

Prerequisites

Local or direct network access to PowerFlex 755 device
No authentication required

no authentication requiredaffects industrial motor drives

Exploitability

Unlikely to be exploited — EPSS score 0.1%

Affected products (1)

ProductAffected VersionsFix Status

PowerFlex 755: <=16.002.279≤ 16.002.27920.3.407

Remediation & Mitigation

0/3

Do now

0/1

WORKAROUNDDisable direct network connectivity to PowerFlex 755 devices from business networks and the internet; configure remote monitoring through a secure gateway or VPN if remote access is required

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate PowerFlex 755 firmware to version 20.3.407 or later

Long-term hardening

0/1

HARDENINGRestrict network access to PowerFlex 755 drives by placing them behind industrial-grade firewalls or air-gapping non-critical test units

CVEs (1)

CVE-2025-0631

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/4b060853-a6bf-4ab6-b1e2-3f41e721a53c

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.