CVE-2026-0646

Summary

A denial-of-service security issue exists within the 1794-AENTR adapter due to improper memory handling of CIP protocol requests. This vulnerability can result in the adapter faulting and losing connection to its associated I/O modules, requiring a manual reset to recover.

Affected Software

VendorProductVersion RangeStatus
Rockwell AutomationFLEX I/O EtherNet/IP Adapters2.012affected

Weaknesses

  • CWE-401: CWE-401 – Missing Release of Memory after Effective Lifetime

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References