CISA

Rockwell Automation Flex 5000 Adapter

From Cybersecurity and Infrastructure Security Agency ↗

Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition on the affected product.

The following versions of Rockwell Automation Flex 5000 Adapter are affected:

Flex 5000 Adapter 6.011 (CVE-2026-12659)

Vendor

Equipment

Rockwell Automation

Rockwell Automation Flex 5000 Adapter

Double Free

Critical Infrastructure Sectors: Critical Manufacturing, Information Technology

Countries/Areas Deployed: Worldwide

Company Headquarters Location: United States

A denial-of-service security issue exists in the affected products. The security issue stems from improper handling of exceptional conditions when processing crafted CIP packets sent to the adapter. A power cycle is required to recover the module and associated I/O.

Rockwell Automation Flex 5000 Adapter

MitigationCustomers using the affected software, who are not able to upgrade t...