THE advisory, ICSA-26-197-02, issued by CISA on July 16, 2026, addresses a critical vulnerability in Rockwell Automation's 1756-EN2, 1756-EN3, and 1756-ENBT devices. The vulnerability, identified as CVE-2026-9653, allows for denial-of-service attacks due to improper validation of Integrity Check Value within CIP Implicit Connection packets. Affected versions include 1756-EN3 and 1756-EN2 (<=V12.001), and 1756-ENBT (V6.006).
Users are recommended to upgrade to version 12.002 or secure their devices by minimizing network exposure. The vulnerability has a CVSS score of 7.5, indicating high severity.