Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Unauthenticated network-reachable debug CLI (PR:N/AC:L/AV:N); control extends to the driven physical I/O beyond the device, so S:C with full C/I/A:H.
Primary rating from Vendor (rockwellautomation).
CVSS VectorVendor: rockwellautomation
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
A security issue exists within the 1715-AENTR EtherNet/IP Adapter. The affected product exposes a network-accessible debug port that does not enforce proper privilege controls, allowing unauthenticated remote access to intrusive command-line interface (CLI) commands. If exploited, a threat actor could read or delete files, stop tasks, modify memory, and change I/O states, potentially impacting the confidentiality, integrity, and availability of the device.
AnalysisAI
Unauthenticated remote command execution on Rockwell Automation's 1715-AENTR EtherNet/IP Adapter arises from a network-accessible debug port that enforces no privilege controls, exposing intrusive CLI commands to any attacker who can reach the device. An unauthenticated remote actor can read and delete files, halt tasks, modify memory, and manipulate physical I/O states, giving full control over device confidentiality, integrity, and availability. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The single concrete prerequisite is network reachability to the device's debug/CLI service port on the 1715-AENTR; per the CVSS vector (AV:N/AC:L/PR:N/UI:N) no authentication, no user interaction, and no special complexity are required, and the flaw exists in the exposed debug interface as shipped. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Every signal that is present points to maximum priority: the CVSS 4.0 base vector AV:N/AC:L/AT:N/PR:N/UI:N with VC/VI/VA:H and subsequent-system SC/SI/SA:H yields a 10.0, meaning no authentication, no user interaction, low complexity, and impact that propagates beyond the device to the controlled process. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who gains a foothold on the OT/control network - or who reaches an improperly exposed device - connects directly to the 1715-AENTR debug port without any credentials and issues CLI commands. With no authentication enforced, they delete configuration files, alter memory, and flip I/O states to disrupt or manipulate the physical process the redundant I/O system controls. … |
| Remediation | Follow Rockwell Automation advisory SD1785 (https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1785.html) and apply the vendor-provided firmware update for the 1715-AENTR (patch available per vendor advisory; an exact fixed version was not included in the provided data and must be confirmed from SD1785). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours, audit network connectivity to all 1715-AENTR adapters and implement immediate network segmentation to restrict access to trusted zones only; disable the debug port if operationally feasible, and document all current access paths. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-43675
GHSA-79wc-xmfc-9mc6