Rockwell Automation has issued firmware version 2.013 for its FLEX I/O EtherNet/IP adapters to close two serious vulnerabilities.
The advisory lists CVE‑2026‑0646, a memory‑handling flaw that can crash the 1794‑AENTR and 1794‑AENTRXT modules, and CVE‑2026‑0647, an unauthenticated password‑change bug in the embedded web server. Both affect version 2.012 of the adapters and carry CVSS scores of 7.5 and 9.4, respectively. Rockwell’s mitigation guidance is a straightforward firmware upgrade; no public exploits have been reported.
For manufacturers that rely on these adapters for real‑time I/O, the bugs translate to potential production downtime and unauthorized control‑system access. The memory issue can force a manual reset, while the authentication flaw could let an attacker seize the device’s web interface. Updating now avoids a scramble later, especially for sites that expose control‑system traffic to broader networks.
Bottom line: Apply firmware 2.013 immediately to patch CVE‑2026‑0646 and CVE‑2026‑0647, or risk denial‑of‑service and credential takeover on critical industrial hardware.