OTPulse
FeedAboutContact

Rockwell CompactLogix® 5480 Code Execution Vulnerability

Monitor6.8SD1746Sep 9, 2025
Summary

Rockwell CompactLogix 5480 controllers are vulnerable to code execution. An attacker can execute arbitrary code on the device, potentially allowing them to modify ladder logic, alter process parameters, or disrupt operations of the equipment controlled by the PLC.

What this means
What could happen
An attacker could execute arbitrary code on the CompactLogix 5480, potentially modifying control logic or halting operations of critical industrial processes.
Who's at risk
Water utilities and electric utilities using CompactLogix 5480 controllers for process automation, pump control, or distribution systems should be concerned. This affects any facility where these PLCs control critical operations.
How it could be exploited
An attacker with network access to the CompactLogix 5480 controller can send a specially crafted request to the device that triggers code execution, allowing them to run arbitrary commands on the PLC without authentication.
Prerequisites
  • Network access to the CompactLogix 5480 device
remotely exploitableno authentication requiredno patch available
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
ProductAffected VersionsFix Status
CompactLogix 5480 CodeAll versionsNo fix (EOL)
Remediation & Mitigation
0/3
Do now
0/1
WORKAROUNDImplement firewall rules to block unauthorized access to the CompactLogix 5480; restrict connections to known industrial protocols (EtherNet/IP) from trusted network segments only
Mitigations - no patch available
0/2
CompactLogix 5480 Code has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGSegment the network to restrict access to CompactLogix 5480 controllers; allow only authorized engineering workstations and HMI systems to communicate with these devices
HARDENINGMonitor network traffic to and from CompactLogix 5480 devices for anomalous connections or commands
View full Rockwell Automation advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/6e23f4ac-0825-4520-af41-c536b76bb70d