Denial-of-Service Vulnerability in Rockwell Automation Communication Modules
CVE-2026-9653
8.7HIGH
Key Information:
- Vendor
Rockwell Automation
- Vendor
- CVE Published:
- 14 July 2026
What is CVE-2026-9653?
A security issue has been identified in Rockwell Automation’s 1756-EN2, EN3, and ENBT communication modules, resulting from improper validation of CIP Implicit Connection packets. This vulnerability could allow an attacker on the same network to send specially crafted packets, which may disrupt device connections. While the connections will recover swiftly after the disruption, the potential for network instability highlights the importance of addressing this issue promptly to ensure continued operational integrity.
Affected Version(s)
1756-EN2, 1756-EN3 12.001 and before
1756-ENBT 6.006