Denial-of-Service Vulnerability in Rockwell Automation's Adapter Products
CVE-2026-12659

8.7HIGH

What is CVE-2026-12659?

A denial-of-service vulnerability exists in Rockwell Automation's adapter products due to improper management of exceptional conditions when processing specially crafted CIP packets. This vulnerability can lead to system instability, requiring a power cycle to restore functionality to the affected module and connected I/O devices.

Affected Version(s)

The FLEX 5000® EtherNet/IP Adapter version 6.011

References

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.