Home

Description

A denial-of-service security issue exists across all the 1756-EN2, EN3, and ENBT communication module due to improper validation of CIP Implicit Connection packets. An attacker on the network can exploit this by sending crafted packets to continuously disrupt device connections, though device connections will recover immediately after.

PUBLISHED Reserved 2026-05-26 | Published 2026-07-14 | Updated 2026-07-14 | Assigner Rockwell




HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-354 Improper validation of integrity check value

Product status

Default status
unaffected

12.001 and before
affected

Default status
unaffected

6.006
affected

References

www.rockwellautomation.com/...dvisories/advisory.SD1780.html

cve.org (CVE-2026-9653)

nvd.nist.gov (CVE-2026-9653)

Download JSON