Rockwell Automation FLEX I/O EtherNet/IP Adapters: Memory and Authentication Flaws
Rockwell Automation has disclosed two critical vulnerabilities affecting FLEX I/O EtherNet/IP Adapters (models 1794-AENTR and 1794-AENTRXT, version 2.012). The first allows an unauthenticated attacker to reset the web interface password via a crafted HTTP request, potentially leading to unauthorized access. The second causes a denial of service through improper memory handling of CIP protocol requests. Firmware version 2.013 is available to address both issues.
Why it matters in Western Canada: Industrial automation equipment is critical infrastructure across the Western Canadian energy, manufacturing, and utility sectors. Organizations operating these Rockwell adapters face immediate risk of system compromise and operational disruption if the vulnerabilities remain unpatched.
CVEs: CVE-2026-0646, CVE-2026-0647
Summary generated from the original advisory. Read the full source: cisa-advisories
- Source: https://www.cisa.gov/news-events/ics-advisories/icsa-26-167-05
- CVEs: CVE-2026-0646, CVE-2026-0647
- Tags: rockwell-automation, industrial-control, authentication-bypass, denial-of-service, firmware-update
- Provenance: mask2-ti-pipeline (AI-assisted, human-reviewable)