Auth bypass in Rockwell Automation Compactlogix® 5480

CVE-2025-9160

A code execution security issue exists in the affected product. An attacker with physical access could abuse the maintenance menu of the controller with a crafted payload. The security issue can result in arbitrary code execution.

Vulnerability class: Broken Authentication

EPSS: 0.002 (8.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References