CVE-2025-14376

Vulnerability Description

A security issue was discovered within the legacy ADI server component of Verve Asset Manager, caused by plaintext secrets stored in environment variables on the ADI server. This component has been retired and has been optional since the 1.36 release in 2024.

Vulnerability Details

Published Date

January 20, 2026

Last Modified

January 26, 2026

CWE ID

CWE-922

Source

NVD

Vendor

Rockwell Automation

Product

Verve Asset Manager

External References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1767.html

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment