CVE-2026-9636
Rockwell Automation CompactLogix® 5380 ControlLogix® 5580 / 1756-EN4 Communications Module – Certificate Revocation List Vulnerability
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
A security issue exists within CompactLogix® 5380, ControlLogix® 5580, and EN4 communication modules related to CIP Security certificate revocation handling. The security issue stems from the controller failing to properly reject certificates signed by an intermediate certificate that has been revoked via a Certificate Revocation List (CRL). This could allow a network-based attacker to establish a connection using a certificate that should be untrusted, potentially bypassing CIP Security protections.
| CWE | CWE-299 |
| Vendor | rockwell automation |
| Product | controllogix® 5580, compactlogix® 5380, guardlogix® 5580, compact guardlogix® 5380, 1756-en4tr |
| Published | Jul 14, 2026 |
| Last Updated | Jul 14, 2026 |
Stay Ahead of the Next One
Get instant alerts for rockwell automation controllogix® 5580, compactlogix® 5380, guardlogix® 5580, compact guardlogix® 5380, 1756-en4tr
Be the first to know when new unknown vulnerabilities affecting rockwell automation controllogix® 5580, compactlogix® 5380, guardlogix® 5580, compact guardlogix® 5380, 1756-en4tr are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
Rockwell Automation / ControlLogix® 5580, CompactLogix® 5380, GuardLogix® 5580, Compact GuardLogix® 5380, 1756-EN4TR
Version 36 - Version 37