CVE 8.8 HIGH

Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities_CVE-2026-0647

June 16, 2026 invoker category_cve

8.8 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N

Description

An improper authentication security issue exists within the 1794-AENTR adapter's embedded web server. The vulnerability allows an unauthenticated attacker to change the device's web interface password by sending a crafted HTTP GET request to a specific endpoint, without any prior authentication being required. If exploited, this could lead to unauthorized access, account takeover, and loss of the device’s embedded web server’s availability.

AI Analysis

Improper authentication vulnerability allowing unauthorized password changes in the device's web interface

Basic Information

ID CVE-2026-0647

Source Rockwell

Published Jun 16, 2026 at 14:20

Affected Product

Vendor Rockwell Automation

Product FLEX I/O EtherNet/IP Adapters

Version 2.012

Affected Versions Rockwell Automation FLEX I/O EtherNet/IP Adapters 2.012

CWE Classification

CWE-306

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Rockwell Automation

Product FLEX I/O EtherNet/IP Adapters

Version 2.012

References

www.rockwellautomation.com /en-us/trust-center/security-advisories/advisory.SD1775.html

{
    "lastseen": "",
    "description": "An improper authentication security issue exists within the 1794-AENTR adapter's embedded web server. The vulnerability allows an unauthenticated attacker to change the device's web interface password by sending a crafted HTTP GET request to a specific endpoint, without any prior authentication being required. If exploited, this could lead to unauthorized access, account takeover, and loss of the device\u2019s embedded web server\u2019s availability.",
    "published": "2026-06-16T14:20:12.535Z",
    "modified": "2026-06-16T14:20:35.423Z",
    "type": "cve",
    "title": "Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters \u2013 Multiple Vulnerabilities",
    "source": "Rockwell",
    "references": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1775.html",
    "id": "CVE-2026-0647",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306"
    ],
    "cvelist": null,
    "sourceData": "Rockwell Automation FLEX I/O EtherNet/IP Adapters 2.012",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FLEX I/O EtherNet/IP Adapters",
    "version": "2.012",
    "vendor": "Rockwell Automation",
    "ai_description": "Improper authentication vulnerability allowing unauthorized password changes in the device's web interface",
    "ai_severity": "High",
    "ai_vendor": "Rockwell Automation",
    "ai_product": "FLEX I/O EtherNet/IP Adapters",
    "ai_version": "2.012",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply