CVE-2026-11317 | THREATINT

Description

A denial of service security issue exists in the affected product. The security issue stems from a fault occurring when a crafted CIP message is sent. Devices with less memory are more likely to be affected. This can result in a major nonrecoverable fault (MNRF). A program download is required to recover.

PUBLISHED Reserved 2026-06-04 | Published 2026-06-16 | Updated 2026-06-16 | Assigner Rockwell

HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-404: Improper Resource Shutdown or Release

Product status

Default status

affected

Versions prior to 34.016

affected

Versions prior to 35.015

affected

Versions prior to 36.012

affected

References

www.rockwellautomation.com/...dvisories/advisory.SD1772.html

cve.org (CVE-2026-11317)

nvd.nist.gov (CVE-2026-11317)

Download JSON