Skip to main content

Controllogix 5580 Compactlogix 5380 Guardlogix 5580 Compact Guardlogix 5380 1756 En4Tr

1 CVEs product

Monthly

CVE-2026-9636 HIGH This Week

Certificate revocation bypass in Rockwell Automation ControlLogix 5580, CompactLogix 5380, GuardLogix 5580, Compact GuardLogix 5380, and 1756-EN4TR (EN4) communication modules allows a network-based attacker to establish a CIP Security connection using a certificate whose issuing intermediate CA has been revoked. Because the controller does not honor the Certificate Revocation List (CRL) for a revoked intermediate, an attacker holding such a certificate can present it as trusted and bypass CIP Security authentication. No public exploit identified at time of analysis; the vendor rates it CVSS 4.0 8.2 (High).

Authentication Bypass Controllogix 5580 Compactlogix 5380 Guardlogix 5580 Compact Guardlogix 5380 1756 En4Tr
NVD
CVSS 4.0
8.2
EPSS
0.1%
EPSS 0% CVSS 8.2
HIGH This Week

Certificate revocation bypass in Rockwell Automation ControlLogix 5580, CompactLogix 5380, GuardLogix 5580, Compact GuardLogix 5380, and 1756-EN4TR (EN4) communication modules allows a network-based attacker to establish a CIP Security connection using a certificate whose issuing intermediate CA has been revoked. Because the controller does not honor the Certificate Revocation List (CRL) for a revoked intermediate, an attacker holding such a certificate can present it as trusted and bypass CIP Security authentication. No public exploit identified at time of analysis; the vendor rates it CVSS 4.0 8.2 (High).

Authentication Bypass Controllogix 5580 Compactlogix 5380 Guardlogix 5580 Compact Guardlogix 5380 1756 En4Tr
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy