Rockwell Automation’s Logix 5370 and 5570 controller families contain a denial-of-service vulnerability triggered by specially crafted CIP messages, potentially causing major nonrecoverable faults requiring program downloads to restore service. Affected versions include CompactLogix 5370 up to 34.016, Compact GuardLogix 5370 up to 35.015, ControlLogix 5570 up to 35.015, and GuardLogix 5570 version 36.012. Devices with limited memory are at higher risk of exploitation.

Why it matters in Western Canada: Industrial control systems in Western Canada’s energy, manufacturing, and critical infrastructure sectors may rely on these Logix controllers; exploitation could disrupt operations at refineries, utilities, and manufacturing facilities across the region.

CVEs: CVE-2026-11317

---

Summary generated from the original advisory. Read the full source: cisa-advisories