CVE-2026-0647 Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities

An improper authentication security issue exists within the 1794-AENTR adapter's embedded web server. The vulnerability allows an unauthenticated attacker to change the device's web interface password by sending a crafted HTTP GET request to a specific endpoint, without any prior authentication...

CVE-2026-0647

The 1794-AENTR adapter (Rockwell Automation FLEX I/O dual‑port EtherNet/IP) has an improper authentication flaw in its embedded web server. An unauthenticated attacker can change the device web interface password by sending a crafted HTTP GET request to a specific endpoint, without prior authenti...

CVE-2026-0646

The affected product is Rockwell Automation 1794-AENTR adapters (EtherNet/IP). The issue is a denial-of-service caused by improper memory handling of CIP protocol requests in the 1794-AENTR adapter, which can cause the device to fault and drop connections to its linked I/O modules, requiring a ma...

CVE-2026-0646 Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities

A denial-of-service security issue exists within the 1794-AENTR adapter due to improper memory handling of CIP protocol requests. This vulnerability can result in the adapter faulting and losing connection to its associated I/O modules, requiring a manual reset to recover...

CVE-2025-14272 Rockwell Automation FactoryTalk Analytics PavilionX

A security issue was identified in Pavilion due to improper authorization enforcement in API endpoints. This vulnerability can allow an unauthorized actor to execute privileged operations, including user/role management and other administrative actions...

CVE-2025-13036 Rockwell Automation FactoryTalk Historian Site Edition - Authentication Bypass

An authentication bypass security issue exists within FactoryTalk Historian Site Edition. By continually sending requests to the login endpoint, an attacker may obtain a valid authentication token...

CVE-2026-9307

The CVE-2026-9307 issue affects CompactLogix 5370 controllers where the web server exposes CIP Connection IDs on the diagnostics page to unauthenticated users, enabling an attacker to craft malicious packets and cause Denial-of-Service. The available documents do not specify affected firmware ver...

CVE-2026-9307 Rockwell Automation CompactLogix 5370 Controllers – Multiple Vulnerabilities

A sensitive information disclosure security issue exists within the affected CompactLogix controllers. The controller's web server exposes CIP Connection IDs on the diagnostics webpage, which are accessible to any unauthenticated user on the network. This information can be leveraged by an attack...

CVE-2025-11694 Rockwell Automation CompactLogix 5370 Controllers – Multiple Vulnerabilities

A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed Connection ID’s visible on the web interface to perform denial-of-service attacks, resulting in...

CVE-2025-11694

The CVE-2025-11694 issue affects 1769 CompactLogix controllers (CIP protocol). The root cause is missing validation of sequence numbers and source IP addresses, enabling an attacker to abuse exposed Connection IDs visible on the web interface to trigger denial-of-service conditions resulting in a...

CVE-2025-11694 Rockwell Automation CompactLogix 5370 Controllers – Multiple Vulnerabilities

A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed Connection ID’s visible on the web interface to perform denial-of-service attacks, resulting in...

CVE-2026-11317

CVE-2026-11317 affects Rockwell Automation Logix 5370 and 5570 controllers. The issue is a denial-of-service fault triggered by a crafted CIP message, with memory-constrained devices more likely to be affected. Consequences described are a major nonrecoverable fault (MNRF) requiring a program dow...

CVE-2026-11317 Rockwell Automation Logix 5370 and 5570 Controllers Vulnerable To Denial of Service Via CIP

A denial of service security issue exists in the affected product. The security issue stems from a fault occurring when a crafted CIP message is sent. Devices with less memory are more likely to be affected. This can result in a major nonrecoverable fault MNRF. A program download is required to...

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

Iran-affiliated cyber actors are targeting internet-facing operational technology OT devices across critical infrastructures in the U.S., including programmable logic controllers PLCs, cybersecurity and intelligence agencies warned Tuesday. "These attacks have led to diminished PLC functionality,...

CVE-2021-32926

creationtimestamp| type| source ---|---|--- 2026-03-10 04:00:00+00:00| seen| https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html...

CVE-2020-25176

creationtimestamp| type| source ---|---|--- 2026-03-10 04:00:00+00:00| seen| https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html...

CVE-2020-25178

creationtimestamp| type| source ---|---|--- 2026-03-10 04:00:00+00:00| seen| https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html...

CVE-2020-25184

creationtimestamp| type| source ---|---|--- 2026-03-10 04:00:00+00:00| seen| https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html...

CVE-2020-25180

creationtimestamp| type| source ---|---|--- 2026-03-10 04:00:00+00:00| seen| https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html...

CVE-2025-13823

creationtimestamp| type| source ---|---|--- 2026-03-10 04:00:00+00:00| seen| https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html...