Rockwell Automation Flex 5000 Adapter

Summary

Rockwell Automation Flex 5000 Adapter version 6.011 is affected by a denial-of-service vulnerability (CVE-2026-12659) due to improper handling of crafted CIP packets. Successful exploitation could lead to a denial-of-service condition requiring a power cycle to recover the module.

IFF Assessment

FOE

The identified vulnerability allows for a denial-of-service condition, which is detrimental to system availability and operations.

Severity

7.5 High

The CVSS score of 7.5 indicates a High severity vulnerability. The 'Double Free' vulnerability in the Flex 5000 Adapter, when exploited, can lead to a denial-of-service (DoS) condition, impacting the availability of critical manufacturing and IT infrastructure.

Defender Context

This advisory highlights a critical vulnerability in Rockwell Automation's Flex 5000 Adapter, affecting critical infrastructure sectors. Defenders should prioritize patching to version 6.012 or implement Rockwell's recommended security best practices to mitigate the risk of denial-of-service attacks on industrial control systems.

Read Full Story →