IM
IronMonkey Threat Research
‹ Back to ICS Advisories

Rockwell Automation 1715-AENTR EtherNet/IP Adapter

CRITICAL
CVSS 10.0
Date 2026-07-14T06:00:00+00:00
Source cisa-csaf
Published by CISA

// Description

Successful exploitation of this vulnerability could allow an attacker to read or delete files, stop tasks, modify memory, and change I/O states, potentially impacting the confidentiality, integrity, and availability of the device.

// Vulnerabilities (1)

CVE ID CVSS Score Severity Description
CVE-2026-10577 10.0 critical
A security issue exists within the 1715-AENTR EtherNet/IP Adapter. The affected product exposes a network-accessible debug port that does not enforce proper privilege controls, allowing unauthenticated remote access to intrusive command-line interface (CLI) commands. If exploited, a threat actor could read or delete files, stop tasks, modify memory, and change I/O states, potentially impacting the confidentiality, integrity, and availability of the device.

// Remediations (4)

Mitigation: If you have any questions regarding this security issue and how to mitigate it,contact Rockwell Auto
If you have any questions regarding this security issue and how to mitigate it,contact Rockwell Automation for help.
Patch: Rockwell Automation recommends that users update to 1715-AENTR EtherNet/IP Adapter version 3.011 and
Rockwell Automation recommends that users update to 1715-AENTR EtherNet/IP Adapter version 3.011 and later.
Mitigation: Rockwell Automation recommends users of the affected software who are not able to upgrade to one of
Rockwell Automation recommends users of the affected software who are not able to upgrade to one of the corrected versions should use their security best practices.
Mitigation: For more information, see the Rockwell Automation security advisory SD1785
For more information, see the Rockwell Automation security advisory SD1785

// References