🔐 CVE Alert

CVE-2026-9636

UNKNOWN 0.0

Rockwell Automation CompactLogix® 5380 ControlLogix® 5580 / 1756-EN4 Communications Module – Certificate Revocation List Vulnerability

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

A security issue exists within CompactLogix® 5380, ControlLogix® 5580, and EN4 communication modules related to CIP Security certificate revocation handling. The security issue stems from the controller failing to properly reject certificates signed by an intermediate certificate that has been revoked via a Certificate Revocation List (CRL). This could allow a network-based attacker to establish a connection using a certificate that should be untrusted, potentially bypassing CIP Security protections.

CWE CWE-299
Vendor rockwell automation
Product controllogix® 5580, compactlogix® 5380, guardlogix® 5580, compact guardlogix® 5380, 1756-en4tr
Published Jul 14, 2026
Last Updated Jul 14, 2026
Stay Ahead of the Next One

Get instant alerts for rockwell automation controllogix® 5580, compactlogix® 5380, guardlogix® 5580, compact guardlogix® 5380, 1756-en4tr

Be the first to know when new unknown vulnerabilities affecting rockwell automation controllogix® 5580, compactlogix® 5380, guardlogix® 5580, compact guardlogix® 5380, 1756-en4tr are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Rockwell Automation / ControlLogix® 5580, CompactLogix® 5380, GuardLogix® 5580, Compact GuardLogix® 5380, 1756-EN4TR
Version 36 - Version 37

References

NVD ↗ CVE.org ↗ EPSS Data ↗
rockwellautomation.com: https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1788.html