Security Flaw in Protected Mode of Rockwell Automation Communication Modules
CVE-2025-8007

7.1HIGH

Key Information:

Vendor: Rockwell Automation
Status: 1756-ent2r, 1756-en4tr, 1756-en4trxt
Vendor: CVE Published:; 9 September 2025

🔔 Create Rockwell Automation Vulnerability Alert

What is CVE-2025-8007?

A notable security issue has been identified in the protected mode of Rockwell Automation's 1756-EN4TR and 1756-EN2TR communication modules. This vulnerability arises when a Concurrent Forward Close operation triggers a Major Non-Recoverable Fault, leading to unexpected system crashes and potential loss of device availability. Users of these communication modules should be aware of this risk and consider measures to safeguard their systems.

Affected Version(s)

1756-ENT2R, 1756-EN4TR, 1756-EN4TRXT Version 6.001 or Prior

References

https://www.rockwellautomation.com/en-us/trust-center/sec...

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 9, 2025
Vulnerability Reserved
Jul 21, 2025

JSON