CVE-2025-11694

Rockwell Automation CompactLogix 5370 Controllers – Multiple Vulnerabilities

CVSS 8.7 HIGHEPSS 0.2%CWE-354

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 8.7EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

16 Jun 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed Connection ID’s visible on the web interface to perform denial-of-service attacks, resulting in a minor fault.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected products

Rockwell Automation · CompactLogix 5370

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1776.html