Rockwell CompactLogix flaws leak data, allow DoS attacks

THE advisory details vulnerabilities in Rockwell Automation's CompactLogix series, specifically the 5370 L1, L2, and L3 versions. The identified issues could allow attackers to cause denial-of-service conditions due to improper validation checks. The vulnerabilities are classified under CVEs, including CVE-2025-11694 and CVE-2026-9307, which disclose sensitive information and allow misuse through the web interface. Users are urged to update to version V38.011 for mitigation. Critical infrastructure sectors affected include critical manufacturing, and guidance is provided to minimize cyber risks.