Rockwell Automation Flex 5000 Adapter
Summary
Rockwell Automation Flex 5000 Adapter version 6.011 is affected by a denial-of-service vulnerability (CVE-2026-12659) due to improper handling of crafted CIP packets. Successful exploitation could lead to a denial-of-service condition requiring a power cycle to recover the module.
IFF Assessment
The identified vulnerability allows for a denial-of-service condition, which is detrimental to system availability and operations.
Severity
The CVSS score of 7.5 indicates a High severity vulnerability. The 'Double Free' vulnerability in the Flex 5000 Adapter, when exploited, can lead to a denial-of-service (DoS) condition, impacting the availability of critical manufacturing and IT infrastructure.
Defender Context
This advisory highlights a critical vulnerability in Rockwell Automation's Flex 5000 Adapter, affecting critical infrastructure sectors. Defenders should prioritize patching to version 6.012 or implement Rockwell's recommended security best practices to mitigate the risk of denial-of-service attacks on industrial control systems.