Primary

Context

Rockwell Automation ControlLogix Communication Modules Major Non-Recoverable Fault Vulnerability

Vulnerability

Patched

A vulnerability exists in the protected mode of Rockwell Automation's 1756-EN4TR and 1756-EN2TR communication modules. A Concurrent Forward Close operation can trigger a Major Non-Recoverable (MNFR) fault, leading to unexpected system crashes and loss of device availability.

Impact

Exploitation of this vulnerability causes a Major Non-Recoverable (MNFR) fault, which is a critical fault condition within industrial control systems. This fault can lead to unexpected system crashes and a loss of availability of the affected device.

Remediation

Users can upgrade to version 7.001 or later to address this vulnerability. For those unable to upgrade, Rockwell Automation recommends following their security best practices.

Added: Sep 9, 2025, 1:21 PM

Updated: Sep 9, 2025, 4:53 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

4.5

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

4.5

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Rockwell Automation ControlLogix Communication Modules Major Non-Recoverable Fault Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Rockwell Automation 1756-EN4TR

Rockwell Automation 1756-EN4TRXT

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating