Skip to main content

1715-AENTR Adapter CVE-2026-10577

| EUVDEUVD-2026-43675 CRITICAL
Missing Authentication for Critical Function (CWE-306)
2026-07-14 PSIRT@rockwellautomation.com GHSA-79wc-xmfc-9mc6
10.0
CVSS 4.0 · Vendor: rockwellautomation
Share

Severity by source

Vendor (rockwellautomation) PRIMARY
10.0 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
10.0 CRITICAL

Unauthenticated network-reachable debug CLI (PR:N/AC:L/AV:N); control extends to the driven physical I/O beyond the device, so S:C with full C/I/A:H.

3.1 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Primary rating from Vendor (rockwellautomation).

CVSS VectorVendor: rockwellautomation

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Jul 14, 2026 - 13:31 vuln.today
CVE Published
Jul 14, 2026 - 13:18 cve.org
CRITICAL 10.0

DescriptionCVE.org

A security issue exists within the 1715-AENTR EtherNet/IP Adapter. The affected product exposes a network-accessible debug port that does not enforce proper privilege controls, allowing unauthenticated remote access to intrusive command-line interface (CLI) commands. If exploited, a threat actor could read or delete files, stop tasks, modify memory, and change I/O states, potentially impacting the confidentiality, integrity, and availability of the device.

AnalysisAI

Unauthenticated remote command execution on Rockwell Automation's 1715-AENTR EtherNet/IP Adapter arises from a network-accessible debug port that enforces no privilege controls, exposing intrusive CLI commands to any attacker who can reach the device. An unauthenticated remote actor can read and delete files, halt tasks, modify memory, and manipulate physical I/O states, giving full control over device confidentiality, integrity, and availability. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach device debug port on OT network
Delivery
Connect to unauthenticated CLI service
Exploit
Issue privileged CLI commands (auth bypass)
Execution
Modify memory / delete files / change I/O states
Impact
Disrupt physical process and device availability

Vulnerability AssessmentAI

Exploitation The single concrete prerequisite is network reachability to the device's debug/CLI service port on the 1715-AENTR; per the CVSS vector (AV:N/AC:L/PR:N/UI:N) no authentication, no user interaction, and no special complexity are required, and the flaw exists in the exposed debug interface as shipped. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Every signal that is present points to maximum priority: the CVSS 4.0 base vector AV:N/AC:L/AT:N/PR:N/UI:N with VC/VI/VA:H and subsequent-system SC/SI/SA:H yields a 10.0, meaning no authentication, no user interaction, low complexity, and impact that propagates beyond the device to the controlled process. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who gains a foothold on the OT/control network - or who reaches an improperly exposed device - connects directly to the 1715-AENTR debug port without any credentials and issues CLI commands. With no authentication enforced, they delete configuration files, alter memory, and flip I/O states to disrupt or manipulate the physical process the redundant I/O system controls. …
Remediation Follow Rockwell Automation advisory SD1785 (https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1785.html) and apply the vendor-provided firmware update for the 1715-AENTR (patch available per vendor advisory; an exact fixed version was not included in the provided data and must be confirmed from SD1785). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, audit network connectivity to all 1715-AENTR adapters and implement immediate network segmentation to restrict access to trusted zones only; disable the debug port if operationally feasible, and document all current access paths. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-10577 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy