5599 matches found
CVE-2026-12659
The CVE-2026-12659 issue affects Rockwell Automation’s Flex 5000® Adapter. It is a denial-of-service vulnerability caused by improper handling of exceptional conditions when processing crafted CIP packets sent to the adapter. The impact is a loss of availability in the affected module and I/O, wi...
CVE-2026-9636
CVE-2026-9636 affects Rockwell CompactLogix 5380, ControlLogix 5580, and EN4 communications modules. The issue is in CIP Security certificate revocation handling: the controller may fail to reject certificates signed by intermediates that have been revoked via a CRL, potentially allowing a networ...
CVE-2026-10577
The CVE-2026-10577 entry concerns the 1715-AENTR EtherNet/IP Adapter, where a network-accessible debug port does not enforce proper privilege controls. This allows unauthenticated remote access to destructive CLI commands, potentially enabling read/delete of files, stopping tasks, memory modifica...
CVE-2026-0647
The 1794-AENTR adapter (Rockwell Automation FLEX I/O dual‑port EtherNet/IP) has an improper authentication flaw in its embedded web server. An unauthenticated attacker can change the device web interface password by sending a crafted HTTP GET request to a specific endpoint, without prior authenti...
CVE-2026-0647 Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities
An improper authentication security issue exists within the 1794-AENTR adapter's embedded web server. The vulnerability allows an unauthenticated attacker to change the device's web interface password by sending a crafted HTTP GET request to a specific endpoint, without any prior authentication...
CVE-2026-0646
The affected product is Rockwell Automation 1794-AENTR adapters (EtherNet/IP). The issue is a denial-of-service caused by improper memory handling of CIP protocol requests in the 1794-AENTR adapter, which can cause the device to fault and drop connections to its linked I/O modules, requiring a ma...
CVE-2026-0646 Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities
A denial-of-service security issue exists within the 1794-AENTR adapter due to improper memory handling of CIP protocol requests. This vulnerability can result in the adapter faulting and losing connection to its associated I/O modules, requiring a manual reset to recover...
CVE-2025-14272 Rockwell Automation FactoryTalk Analytics PavilionX
A security issue was identified in Pavilion due to improper authorization enforcement in API endpoints. This vulnerability can allow an unauthorized actor to execute privileged operations, including user/role management and other administrative actions...
CVE-2025-13036 Rockwell Automation FactoryTalk Historian Site Edition - Authentication Bypass
An authentication bypass security issue exists within FactoryTalk Historian Site Edition. By continually sending requests to the login endpoint, an attacker may obtain a valid authentication token...
CVE-2026-9307
The CVE-2026-9307 issue affects CompactLogix 5370 controllers where the web server exposes CIP Connection IDs on the diagnostics page to unauthenticated users, enabling an attacker to craft malicious packets and cause Denial-of-Service. The available documents do not specify affected firmware ver...
CVE-2025-11694
The CVE-2025-11694 issue affects 1769 CompactLogix controllers (CIP protocol). The root cause is missing validation of sequence numbers and source IP addresses, enabling an attacker to abuse exposed Connection IDs visible on the web interface to trigger denial-of-service conditions resulting in a...
CVE-2025-11694 Rockwell Automation CompactLogix 5370 Controllers – Multiple Vulnerabilities
A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed Connection ID’s visible on the web interface to perform denial-of-service attacks, resulting in...
CVE-2025-11694 Rockwell Automation CompactLogix 5370 Controllers – Multiple Vulnerabilities
A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed Connection ID’s visible on the web interface to perform denial-of-service attacks, resulting in...
CVE-2026-11317 Rockwell Automation Logix 5370 and 5570 Controllers Vulnerable To Denial of Service Via CIP
A denial of service security issue exists in the affected product. The security issue stems from a fault occurring when a crafted CIP message is sent. Devices with less memory are more likely to be affected. This can result in a major nonrecoverable fault MNRF. A program download is required to...
CVE-2026-11317
CVE-2026-11317 affects Rockwell Automation Logix 5370 and 5570 controllers. The issue is a denial-of-service fault triggered by a crafted CIP message, with memory-constrained devices more likely to be affected. Consequences described are a major nonrecoverable fault (MNRF) requiring a program dow...
Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
Iran-affiliated cyber actors are targeting internet-facing operational technology OT devices across critical infrastructures in the U.S., including programmable logic controllers PLCs, cybersecurity and intelligence agencies warned Tuesday. "These attacks have led to diminished PLC functionality,...
CVE-2020-25178
creationtimestamp| type| source ---|---|--- 2026-03-10 04:00:00+00:00| seen| https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html...
CVE-2025-13824
creationtimestamp| type| source ---|---|--- 2026-03-10 04:00:00+00:00| seen| https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html...
CVE-2025-13823
creationtimestamp| type| source ---|---|--- 2026-03-10 04:00:00+00:00| seen| https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html...
CVE-2020-25176
creationtimestamp| type| source ---|---|--- 2026-03-10 04:00:00+00:00| seen| https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html...