CVE-2025-11694

Vulnerability Description

A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed Connection ID’s visible on the web interface to perform denial-of-service attacks, resulting in a minor fault.

Vulnerability Details

Published Date

June 16, 2026

Last Modified

June 16, 2026

CWE ID

CWE-354

Source

NVD

Vendor

Rockwell Automation

Product

CompactLogix 5370

External References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1776.html

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment