Rockwell Automation Verve Asset Manager

Plan Patch | CVSS 9.9 | ICS-CERT ICSA-25-317-05 | Nov 11, 2025
Rockwell Automation
Attack path
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

Verve Asset Manager versions 1.33 through 1.41.3 contain an authorization bypass vulnerability (CWE-863) that allows an authenticated attacker to access or alter user data. The vulnerability has a CVSS v3.1 score of 9.9, with a network attack vector and low complexity, and it requires only a user-level login. The impact covers the confidentiality, integrity, and availability of asset data.

What this means
What could happen
An authenticated attacker could access or modify user data within Verve Asset Manager, potentially compromising sensitive asset configuration and operational information across your connected industrial devices.
Who's at risk
Organizations running Rockwell Automation Verve Asset Manager for asset discovery and management in industrial facilities, including manufacturing plants, utilities, and critical infrastructure operators who rely on this tool for device inventory and configuration oversight.
How it could be exploited
An attacker with valid credentials to Verve Asset Manager could exploit an authorization bypass vulnerability to perform unauthorized actions and access or alter user data beyond their assigned permissions.
Prerequisites
  • Valid user credentials for Verve Asset Manager
  • Network access to the Verve Asset Manager application interface
remotely exploitable | authentication required | affects asset management and configuration data | high CVSS score (9.9)
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (13)
12 with fix, 1 EOL
Product | Affected Versions | Fix Status
Verve Asset Manager | All versions | No fix (EOL)
Verve Asset Manager: 1.34 | 1.34 | 1.41.4
Verve Asset Manager: 1.35 | 1.35 | 1.41.4
Verve Asset Manager: 1.36 | 1.36 | 1.41.4
Verve Asset Manager: 1.37 | 1.37 | 1.41.4
Verve Asset Manager: 1.38 | 1.38 | 1.41.4
Verve Asset Manager: 1.39 | 1.39 | 1.41.4
Verve Asset Manager: 1.40 | 1.40 | 1.41.4
Remediation & Mitigation
Do now
Verve Asset Manager
HARDENING: Restrict network access to Verve Asset Manager to authorized engineering and administrative users only; deny access from untrusted networks
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

Verve Asset Manager
HOTFIX: Update Verve Asset Manager to version 1.41.4 or later
Mitigations - no patch available
Verve Asset Manager has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENING: Isolate the Verve Asset Manager system on a separate network segment behind a firewall, preventing direct access from business/IT networks
HARDENING: Enforce strong authentication for Verve Asset Manager (e.g., multi-factor authentication if available) to reduce the risk of unauthorized credential use
API: /api/v1/advisories/d8b83fe1-2946-4341-8268-89e00c4a40de


Rockwell Automation Verve Asset Manager | CVSS 9.9 - OTPulse