Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition on the affected product.
The following versions of Rockwell Automation Flex 5000 Adapter are affected:
Flex 5000 Adapter 6.011 (CVE-2026-12659)
Vendor
Equipment
Rockwell Automation
Rockwell Automation Flex 5000 Adapter
Double Free
Critical Infrastructure Sectors: Critical Manufacturing, Information Technology
Countries/Areas Deployed: Worldwide
Company Headquarters Location: United States
A denial-of-service security issue exists in the affected products. The security issue stems from improper handling of exceptional conditions when processing crafted CIP packets sent to the adapter. A power cycle is required to recover the module and associated I/O.
Rockwell Automation Flex 5000 Adapter
MitigationCustomers using the affected software, who are not able to upgrade t...
Read the full advisory on CISA →