Impact
The vulnerability is an authentication bypass in the embedded web server of the 1794-AENTR adapter. An unauthenticated attacker can send a crafted GET request to a specific endpoint and change the web‑interface password. This allows the attacker to gain administrative privileges, takeover the device, and potentially disrupt its web‑server service. It is a weakness defined by CWE‑306.
Affected Systems
The affected devices are Rockwell Automation FLEX I/O EtherNet/IP Adapters, specifically the 1794-AENTR model. No additional version details are supplied, so any adapter running the vulnerable firmware is potentially at risk.
Risk and Exploitability
The CVSS score of 8.8 indicates high severity, and the EPSS score of less than 1% suggests that active exploitation is currently unlikely. The vulnerability is not listed in the CISA KEV catalog, so no public exploits are known. The likely attack vector involves remote access over the Ethernet/IP network to the adapter’s web interface, without requiring prior authentication, making it potentially exploitable by anyone with network connectivity to the device.
OpenCVE Enrichment