CVE-2025-8007 HIGH

CVE-2025-8007: Rockwell Automation 1756-ENT2R, EN4TR, EN4TRXT Vulnerability

Vendor Rockwell Automation
Product 1756-ENT2R, 1756-EN4TR, 1756-EN4TRXT
Weakness CWE-20 · Input validation
Published September 9, 2025
Last update September 9, 2025

CVSS base score

7.1/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A security issue exists in the protected mode of 1756-EN4TR and 1756-EN2TR communication modules, where a Concurrent Forward Close operation can trigger a Major Non-Recoverable (MNFR) fault. This condition may lead to unexpected system crashes and loss of device availability.

Key dates

02Disclosure timeline

September 9, 2025 CVE published
September 9, 2025 Record updated

Related vulnerabilities

04Related CVE