CVE-2025-11694

Description

A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed Connection ID’s visible on the web interface to perform denial-of-service attacks, resulting in a minor fault.

References

• https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1776.html