IronMonkey Threat Research

Rockwell Automation FLEX I/O EtherNet/IP Adapters

CRITICAL
CVSS 9.4
Date 2026-06-16T06:00:00+00:00
Source cisa-csaf
Published by CISA

// Description

Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access, take over accounts, and cause loss of availability.

// Vulnerabilities (2)

| CVE ID | CVSS Score | Severity | Description |
| --- | --- | --- | --- |
| CVE-2026-0646 | 7.5 | high | A denial-of-service security issue exists within the 1794-AENTR adapter due to improper memory handling of CIP protocol requests. This vulnerability can result in the adapter faulting and losing connection to its associated I/O modules, requiring a manual reset to recover. |
| CVE-2026-0647 | 9.4 | critical | An improper authentication security issue exists within the 1794-AENTR adapter's embedded web server. The vulnerability allows an unauthenticated attacker to change the device's web interface password by sending a crafted HTTP GET request to a specific endpoint, without any prior authentication being required. If exploited, this could lead to unauthorized access, account takeover, and loss of the device's embedded web server's availability. |

// Remediations (2)

Mitigation: For more information, please visit Rockwell Automation's SD1775: https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1775.html
Mitigation: Rockwell Automation recommends users update to 2.013 to resolve these vulnerabilities.
