www.cisa.gov 7/16/2026, 5:32:26 PM · external

CISA warns Rockwell PLC flaws may cause denial of service

CyberSIXT Evidence Panel
Primary Source github.com
CISA KEV Not in KEV
Patch Patch Status Unknown

THE CISA advisory (ICSA-26-197-06) released on July 16, 2026, reports vulnerabilities in Rockwell Automation products: CompactLogix, ControlLogix, Compact GuardLogix, and GuardLogix. The noted issues could lead to denial-of-service conditions due to various software versions being affected. The vulnerabilities include CVE-2025-12011, CVE-2025-12012, and CVE-2025-11698, which expose certain controllers to potential exploitation.

CISA recommends users update their devices to specific firmware versions to mitigate risks. The advisory emphasizes minimizing network exposure, employing secure connections, and conducting thorough impact analyses as preventive measures.

View Primary Source Via www.cisa.gov

Article by CyberSIXT