Rockwell Automation Verve Asset Manager
Act Now · 9.1 · ICS-CERT ICSA-25-084-02 · Mar 25, 2025
Attack Vector: Network
Auth Required: High
Complexity: Low
User Interaction: None needed
Summary
Rockwell Automation Verve Asset Manager versions 1.39 and earlier contain a vulnerability that allows an attacker with administrative access to execute arbitrary commands within the container running the service. This could compromise the integrity and availability of asset management functions and potentially provide lateral access to connected industrial equipment. The vulnerability is classified as CWE-1287 (Improper Validation of Specified Quantity in Input).
What this means
What could happen
An attacker with administrative access to Verve Asset Manager could run arbitrary commands within the container, potentially disrupting asset visibility and control functions across connected industrial equipment.
Who's at risk
Water authorities and electrical utilities using Rockwell Automation Verve Asset Manager for asset inventory and monitoring. The vulnerability affects all versions up to 1.39, which are commonly deployed in utility SCADA and asset management environments.
How it could be exploited
An attacker with valid administrative credentials accesses the Verve Asset Manager interface over the network and exploits the vulnerability to execute arbitrary commands within the service container, allowing them to compromise the application's integrity and potentially access connected assets or management data.
Prerequisites
- Valid administrator credentials for Verve Asset Manager
- Network access to the Verve Asset Manager service
- Running version 1.39 or earlier
- Requires high privileges (administrative credentials)
- Network reachable
- Low attack complexity
- Container escape potential
- Affects centralized asset management visibility
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (1)
Product: Verve Asset Manager
Affected Versions: ≤ 1.39
Fix Status: 1.40
Remediation & Mitigation
Do now
HARDENING: Restrict network access to Verve Asset Manager using firewall rules, limiting connections to only authorized engineering and administrative networks
HARDENING: Enforce strong authentication controls and audit administrative access logs regularly
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Upgrade Verve Asset Manager to version 1.40 or later
Long-term hardening
HARDENING: Implement network segmentation to isolate the Verve Asset Manager system from the business network and the Internet
CVEs (1)