CSRF in Rockwell Automation Comms - 1783-natr
CVE-2025-7330
A cross-site request forgery security issue exists in the product and version listed. The vulnerability stems from missing CSRF checks on the impacted form. This allows for unintended configuration modification if an attacker can convince…
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.002 (8.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N.
Affected products
- Rockwell Automation Comms - 1783-natr — versions Version 1.006 and prior
- Rockwellautomation 1783-natr
- Rockwellautomation 1783-natr_firmware
Weakness classification (CWE)
References
- PSIRT@rockwellautomation.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2025-7330?
- CVE-2025-7330 is a medium-severity vulnerability in Rockwell Automation Comms - 1783-natr, classified under Cross-Site Request Forgery (CSRF). CVSS score: 6.5/10. Published 2025-10-14.
- How severe is CVE-2025-7330?
- Medium severity. CVSS v3 base score is 6.5 out of 10.