CVE-2026-9307

UNKNOWN 0.0

Rockwell Automation CompactLogix 5370 Controllers – Multiple Vulnerabilities

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

A sensitive information disclosure security issue exists within the affected CompactLogix controllers. The controller's web server exposes CIP Connection IDs on the diagnostics webpage, which are accessible to any unauthenticated user on the network. This information can be leveraged by an attacker to construct malicious packets, leading to Denial-of-Service.

CWE	CWE-497
Vendor	rockwell automation
Product	compactlogix 5370
Published	Jun 16, 2026
Last Updated	Jun 16, 2026

Stay Ahead of the Next One

Get instant alerts for rockwell automation compactlogix 5370

Be the first to know when new unknown vulnerabilities affecting rockwell automation compactlogix 5370 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Rockwell Automation / CompactLogix 5370

V36

References

NVD ↗ CVE.org ↗ EPSS Data ↗

rockwellautomation.com: https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1776.html

Credits

This security issue was found by external researcher Tyler Lentz of Idaho National Laboratory.