Rockwell Automation Arena Simulation
25 November 2025 at 12:00:00
cisa.gov
CISA published an advisory for CVE-2025-13084, a vulnerability in Opto 22 groov View that exposes sensitive information through metadata. The vulnerability allows users with the Editor role to access the API keys of all users, including Administrators, through the users endpoint in the groov View API. This could lead to credential exposure, key exposure, and privilege escalation. The vulnerability affects groov View Server for Windows versions R1.0a to R4.5d and GRV-EPIC firmware versions prior to 4.0.3. Opto 22 has released patches and recommends upgrading to the latest versions. The vulnerability was reported by researchers from Meta and has a CVSS v3.1 score of 7.6 and a CVSS v4 score of 6.1.
Related threat actors:
No threat actors found in this article
IOCs:
No IOCs found in this article
