OTPulse
FeedAboutContact

Rockwell Automation ArmorStart AOP

Monitor7.5ICS-CERT ICSA-25-289-04Oct 16, 2025
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

ArmorStart AOP version 2.05.07 and earlier contains an uncaught exception vulnerability (CWE-248) that can be triggered remotely without authentication or user interaction. Successful exploitation causes a denial-of-service condition, rendering the affected system unavailable.

What this means
What could happen
An attacker could remotely crash ArmorStart AOP, causing the device to become unresponsive and interrupting any armor or safety interlocking logic it controls. Operations dependent on this system would halt until the device is manually restarted.
Who's at risk
Water authorities and electric utilities using Rockwell Automation ArmorStart AOP for safety interlocking and armor protection logic in control systems. This affects any facility where ArmorStart AOP is deployed as part of industrial safety or equipment protection systems.
How it could be exploited
An attacker with network access to ArmorStart AOP can send a specially crafted input that triggers an uncaught exception, causing the application to crash. No authentication or credentials are required. The device would need to be restarted to restore functionality.
Prerequisites
  • Network access to ArmorStart AOP listening port
  • No authentication required
  • No user interaction required
Remotely exploitableNo authentication requiredLow complexity attackNo patch availableDenial-of-service impactAffects safety/protective systems
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
ArmorStart AOP: <=V2.05.07≤ V2.05.07No fix (EOL)
Remediation & Mitigation
0/5
Do now
0/3
HARDENINGImplement network segmentation: isolate ArmorStart AOP systems from the internet and restrict access from engineering networks using firewall rules limited to authorized administrator IP addresses only
HARDENINGIf remote access is required, implement a VPN with multi-factor authentication for engineering access to the ArmorStart AOP system
WORKAROUNDMonitor ArmorStart AOP for unexpected restarts or availability loss; implement alerts if the device becomes unreachable
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HARDENINGReview and document the operational impact of an ArmorStart AOP outage and develop a manual safety response procedure in case of unexpected denial-of-service
Long-term hardening
0/1
HOTFIXContact Rockwell Automation for updates on patch availability and future fixed versions
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/199a2a80-7662-4842-aaec-0d98ea1aafc2