Security Flaw in Protected Mode of Rockwell Automation Communication Modules
CVE-2025-8007

7.1HIGH

What is CVE-2025-8007?

A notable security issue has been identified in the protected mode of Rockwell Automation's 1756-EN4TR and 1756-EN2TR communication modules. This vulnerability arises when a Concurrent Forward Close operation triggers a Major Non-Recoverable Fault, leading to unexpected system crashes and potential loss of device availability. Users of these communication modules should be aware of this risk and consider measures to safeguard their systems.

Affected Version(s)

1756-ENT2R, 1756-EN4TR, 1756-EN4TRXT Version 6.001 or Prior

References

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-8007 : Security Flaw in Protected Mode of Rockwell Automation Communication Modules