Remote Access Vulnerability in 1715-AENTR EtherNet/IP Adapter by Rockwell Automation
CVE-2026-10577

10CRITICAL

What is CVE-2026-10577?

A security issue exists in the 1715-AENTR EtherNet/IP Adapter from Rockwell Automation due to a network-accessible debug port that lacks sufficient privilege controls. This flaw allows unauthorized remote access, enabling malicious users to execute intrusive command-line interface (CLI) commands. If successfully exploited, an attacker could manipulate device files, halt operations, adjust memory settings, and alter I/O states, which can severely compromise the device’s confidentiality, integrity, and availability.

Affected Version(s)

1715 EtherNet/IP Communications Module 3.003 and prior

References

CVSS V4

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.