Certificate Revocation Flaw in CompactLogix and ControlLogix Products by Rockwell Automation
CVE-2026-9636
Key Information:
- Vendor
Rockwell Automation
- Status
- Vendor
- CVE Published:
- 14 July 2026
What is CVE-2026-9636?
A security vulnerability has emerged within Rockwell Automation's CompactLogix® 5380 and ControlLogix® 5580 controllers, including EN4 communication modules, which relates to the handling of Certificate Revocation Lists (CRLs). Specifically, the controllers fail to correctly reject certificates signed by an intermediate authority that has been revoked. This flaw could permit a malicious actor to connect to the network using an unauthorized and untrusted certificate, undermining CIP Security safeguards and exposing the system to potential exploitation. Organizations utilizing these systems should take immediate precautions to mitigate risks associated with this vulnerability.
Affected Version(s)
ControlLogix® 5580, CompactLogix® 5380, GuardLogix® 5580, Compact GuardLogix® 5380, 1756-EN4TR Version 36 - Version 37