IM
IronMonkey Threat Research
‹ Back to ICS Advisories

Rockwell Automation Flex 5000 Adapter

HIGH
CVSS 7.5
Date 2026-07-16T06:00:00+00:00
Source cisa-csaf
Published by CISA

// Description

Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition on the affected product.

// Vulnerabilities (1)

CVE ID CVSS Score Severity Description
CVE-2026-12659 7.5 high
A denial-of-service security issue exists in the affected products. The security issue stems from improper handling of exceptional conditions when processing crafted CIP packets sent to the adapter. A power cycle is required to recover the module and associated I/O.

// Remediations (3)

Mitigation: For more information, see Rockwell Automation Security Advisory SD1789 (https://www.rockwellautomati
For more information, see Rockwell Automation Security Advisory SD1789 (https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1789.html).
Mitigation: Customers using the affected software, who are not able to upgrade to one of the corrected versions,
Customers using the affected software, who are not able to upgrade to one of the corrected versions, should use Rockwell Automation's security best practices (https://support.rockwellautomation.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight).
Patch: Rockwell Automation recommends users to upgrade to the following: Flex 5000 Adapter version 6.012.
Rockwell Automation recommends users to upgrade to the following: Flex 5000 Adapter version 6.012.

// References