CVE-2026-9636
Awaiting Analysis Awaiting Analysis - Queue

CIP Security Certificate Bypass in CompactLogix 5380

Vulnerability report for CVE-2026-9636, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-14

Last updated on: 2026-07-14

Assigner: Rockwell Automation

Description

A security issue exists within CompactLogix® 5380, ControlLogix® 5580, and EN4 communication modules related to CIP Security certificate revocation handling. The security issue stems from the controller failing to properly reject certificates signed by an intermediate certificate that has been revoked via a Certificate Revocation List (CRL). This could allow a network-based attacker to establish a connection using a certificate that should be untrusted, potentially bypassing CIP Security protections.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-14
Last Modified
2026-07-14
Generated
2026-07-14
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 6 associated CPEs
Vendor Product Version / Range
rockwell_automation controllogix_5580 From 36 (inc) to 37 (inc)
rockwell_automation compactlogix_5380 From 36 (inc) to 37 (inc)
rockwell_automation guardlogix_5580 From 36 (inc) to 37 (inc)
rockwell_automation compact_guardlogix_5380 From 36 (inc) to 37 (inc)
rockwell_automation 1756-en4 From 6.001 (inc) to 8.001 (inc)
rockwell_automation 1756-en4tr From 6.001 (inc) to 7.001 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-299 The product does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a certificate that has been compromised.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
AI Quick Actions have not been generated yet.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-9636. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart