CVE-2026-0646— Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities
Possible ATT&CK Techniques 1AI
T1499 · Endpoint Denial of ServiceAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Rockwell Automation | FLEX I/O EtherNet/IP Adapters | 2.012 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-0646
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities
Source: NVD (National Vulnerability Database)
Vulnerability Description
A denial-of-service security issue exists within the 1794-AENTR adapter due to improper memory handling of CIP protocol requests. This vulnerability can result in the adapter faulting and losing connection to its associated I/O modules, requiring a manual reset to recover.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
在移除最后引用时对内存的释放不恰当(内存泄露)
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Rockwell Automation | FLEX I/O EtherNet/IP Adapters | 2.012 | - |
II. Public POCs for CVE-2026-0646
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-0646
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-0646 (1)
Same Patch Batch · Rockwell Automation · 2026-06-16 · 7 CVEs total
| CVE-2026-0647 | Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities | |
| CVE-2026-11317 | Rockwell Automation Logix 5370 and 5570 Controllers Vulnerable To Denial of Service Via CI | |
| CVE-2026-9307 | Rockwell Automation CompactLogix 5370 Controllers – Multiple Vulnerabilities | |
| CVE-2025-11694 | Rockwell Automation CompactLogix 5370 Controllers – Multiple Vulnerabilities | |
| CVE-2025-14272 | Rockwell Automation FactoryTalk Analytics PavilionX | |
| CVE-2025-13036 | Rockwell Automation FactoryTalk Historian Site Edition - Authentication Bypass |
IV. Related Vulnerabilities
Same vendor: Rockwell Automation
- CVE-2026-0647
Rockwell Automation FLEX I/O Dual-port EtherNet/IP Adapters - CVE-2025-14272
Rockwell Automation FactoryTalk Analytics PavilionX - CVE-2025-13036
Rockwell Automation FactoryTalk Historian Site Edition - Aut - CVE-2026-9307
Rockwell Automation CompactLogix 5370 Controllers – Multiple - CVE-2025-11694
Rockwell Automation CompactLogix 5370 Controllers – Multiple
Same weakness: CWE-401
- CVE-2026-48141
Memory leak in NI grpc-device BeginSidebandStream - CVE-2026-48059
Netty HAProxy: Unbalanced Reference Count in Nested PP2_TYPE - CVE-2026-48006
Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Le - CVE-2026-20746
PingDirectory copying of virtual attributes leads to memory - CVE-2026-53464
ImageMagick: Memory Leak in wand option parser when providin
V. Comments for CVE-2026-0646
No comments yet