Rockwell Automation FLEX 5000 I/O Module Fault Vulnerability in CIP Class 32 Handling
Vulnerability
A vulnerability exists in the Rockwell Automation FLEX 5000 I/O 5094-IF8 device due to improper handling of CIP Class 32 requests while the module is inhibited. The mishandled request causes the module to enter a fault state, indicated by a flashing red LED. Once the module is un-inhibited, it returns a connection fault (Code 16#0010) and cannot recover without a power cycle.
Impact
The vulnerability causes the affected module to enter a fault state, with the Module LED flashing red. After un-inhibiting, the module experiences a connection fault (Code 16#0010) and requires a power cycle to recover.
Remediation
Users should update to version 2.012 or later. If an upgrade is not possible, security best practices should be applied.
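To act on the remediation across a plant, the added example below (not Rockwell's or this page's code) triages a module inventory against the advisory: it flags 5094-IF8 modules below revision 2.012 and those reporting connection fault 16#0010. The inventory records, their field names, the `EXAMPLE-OTHER` catalog value and the action labels are constructed for illustration, and treating every revision below 2.012 as needing the update is an assumption drawn from the remediation text.

```python
import re

CATALOG = "5094-IF8"   # affected module named in the advisory
FIXED_REV = (2, 12)    # "2.012" from the remediation, as (major, minor)
FAULT_CODE = 0x0010    # connection fault 16#0010 from the advisory


def parse_revision(text):
    """Parse 'major.minor' (e.g. '2.012') into a tuple of integers.

    Assumption: the minor part is a zero-padded decimal integer, so
    '2.012' is major 2, minor 12. Tuples compare correctly; floats or
    strings would not.
    """
    m = re.fullmatch(r"(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised revision: {text!r}")
    return int(m.group(1)), int(m.group(2))


def parse_fault(text):
    """Parse a radix-notation code such as '16#0010'; empty means no fault."""
    if not text:
        return None
    m = re.fullmatch(r"(\d+)#([0-9A-Fa-f]+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised fault code: {text!r}")
    return int(m.group(2), int(m.group(1)))


def triage(rec):
    """Return a hypothetical action label for one inventory record."""
    if rec["catalog"] != CATALOG:
        return "not-affected-model"
    below = parse_revision(rec["revision"]) < FIXED_REV
    faulted = parse_fault(rec.get("fault")) == FAULT_CODE
    if faulted:
        # Per the advisory, the fault only clears with a power cycle.
        return "power-cycle-then-update" if below else "investigate-fault"
    return "update" if below else "ok"


# Constructed sample inventory (not real plant data).
INVENTORY = [
    {"name": "rack1-slot3", "catalog": "5094-IF8", "revision": "2.011", "fault": ""},
    {"name": "rack1-slot4", "catalog": "5094-IF8", "revision": "2.011", "fault": "16#0010"},
    {"name": "rack2-slot1", "catalog": "5094-IF8", "revision": "2.012", "fault": ""},
    {"name": "rack2-slot2", "catalog": "EXAMPLE-OTHER", "revision": "2.011", "fault": ""},
]

if __name__ == "__main__":
    for rec in INVENTORY:
        print(f'{rec["name"]}: {triage(rec)}')
```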
