Primary

Context

Rockwell Automation ControlLogix Ethernet Modules Web Debugger Agent Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in Rockwell Automation ControlLogix Ethernet Modules, specifically in the 1756-EN2T/D, 1756-EN2F/C, 1756-EN2TR/C, 1756-EN3TR/B, and 1756-EN2TP/A models, all running version 11.004 or below. The vulnerability arises from a web-based debugger agent that, when accessed from a specific IP address, allows remote attackers to perform memory dumps, modify memory, and control the execution flow of the application.

Impact

Exploitation of this vulnerability allows remote attackers to execute arbitrary code by manipulating memory and controlling the execution flow of the application.

Remediation

Users should update to version 12.001. For those unable to upgrade, it is recommended to apply security best practices.

Added: Aug 14, 2025, 4:25 PM

Updated: Aug 14, 2025, 4:25 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Rockwell Automation ControlLogix Ethernet Modules Web Debugger Agent Remote Code Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating