Rockwell Automation CompactLogix

// Description

Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition.

// Vulnerabilities (2)

CVE ID	CVSS Score	Severity	Description
CVE-2026-9307	5.3	medium	A sensitive information disclosure security issue exists within the affected CompactLogix controllers. The controller's web server exposes CIP Connection IDs on the diagnostics webpage, which are accessible to any unauthenticated user on the network. This information can be leveraged by an attacker to construct malicious packets, leading to Denial-of-Service.
CVE-2025-11694	7.5	high	A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed Connection ID's visible on the web interface to perform denial-of-service attacks, resulting in a minor fault.

// Affected Products (3)

Vendor	Product	Asset Type	Purdue Level	Firmware
Rockwell Automation	Unknown	plc	L1	--
Rockwell Automation	Unknown	plc	L1	--
Rockwell Automation	Unknown	plc	L1	--

// Remediations (2)

Mitigation: Rockwell Automation recommends users update to V38.011 https://compatibility.rockwellautomation.com/

Rockwell Automation recommends users update to V38.011 https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112&mode=3&refSoft=1&versions=55023,55024,55025,55026,55027,55061

Mitigation: For more information, please visit Rockwell Automations SD1776 https://www.rockwellautomation.com/en

For more information, please visit Rockwell Automations SD1776 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1776.html

// Description

// Vulnerabilities (2)

// Affected Products (3)

// Remediations (2)

// References