PatchSiren cyber security CVE debrief
CVE-2026-0647 Rockwell Automation CVE debrief
CVE-2026-0647 is an improper authentication issue in the embedded web server of the 1794-AENTR adapter. An unauthenticated attacker can change the device's web interface password by sending a crafted HTTP GET request to a specific endpoint. If exploited, this could lead to unauthorized access, account takeover, and loss of availability of the device's embedded web server.
- Vendor: Rockwell Automation
- Product: 1794-AENTR Adapter
- CVSS: HIGH 8.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-16
- Original CVE updated: 2026-06-16
- Advisory published: 2026-06-16
- Advisory updated: 2026-06-16
Who should care
Users of the 1794-AENTR adapter, particularly those in industrial automation settings, should be aware of this vulnerability and take steps to mitigate it.
Technical summary
The vulnerability has a CVSS score of 8.8 and is classified as HIGH severity. It is related to CWE-306, which involves improper authentication.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates as recommended by the vendor.
- Restrict access to the embedded web server.
- Monitor for suspicious activity.
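One way to act on the last two items is shown below as an added example (not code from the advisory or from Rockwell Automation): it scans web-sensor log lines for requests to the adapter from sources outside a management allowlist, and for GET requests that carry parameters without an authenticated user. The log format, the IP addresses, the allowlist and the `/PLACEHOLDER` path are constructed assumptions; the advisory does not name the affected endpoint.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumptions (not from the advisory): adapter address, management allowlist,
# and a sensor log of "ts src dst method target status user" ("-" = no user).
ADAPTERS = {ipaddress.ip_address("192.0.2.10")}
MGMT_ALLOWLIST = [ipaddress.ip_network("198.51.100.0/28")]

# Constructed sample lines; /PLACEHOLDER stands in for the unnamed endpoint.
SAMPLE_LOG = """\
2026-06-17T08:00:01Z 198.51.100.5 192.0.2.10 GET /index.html 200 -
2026-06-17T08:02:13Z 198.51.100.5 192.0.2.10 GET /PLACEHOLDER?field=value 200 -
2026-06-17T08:05:40Z 203.0.113.77 192.0.2.10 GET /index.html 200 -
2026-06-17T08:05:41Z 203.0.113.77 192.0.2.10 GET /PLACEHOLDER?field=value 200 -
2026-06-17T08:06:00Z 198.51.100.5 192.0.2.99 GET /other?x=1 200 -
2026-06-17T08:07:00Z 198.51.100.6 192.0.2.10 GET /PLACEHOLDER?field=value 200 engineer1
"""

def parse(line):
    """Split one log line into typed fields; raises ValueError if malformed."""
    ts, src, dst, method, target, status, user = line.split()
    return {"ts": ts, "src": ipaddress.ip_address(src),
            "dst": ipaddress.ip_address(dst), "method": method.upper(),
            "target": target, "user": None if user == "-" else user}

def findings(log_text):
    """Return (ts, src, target, reasons) for suspicious adapter requests."""
    out = []
    for line in log_text.splitlines():
        try:
            ev = parse(line)
        except ValueError:
            continue  # skip blank or malformed lines
        if ev["dst"] not in ADAPTERS:
            continue  # traffic to other hosts is out of scope here
        reasons = []
        if not any(ev["src"] in net for net in MGMT_ALLOWLIST):
            reasons.append("source-not-allowlisted")
        # A parameterised GET with no authenticated user matches the shape of
        # the issue: a GET that changes state without prior authentication.
        if (ev["method"] == "GET" and urlsplit(ev["target"]).query
                and ev["user"] is None):
            reasons.append("unauthenticated-get-with-params")
        if reasons:
            out.append((ev["ts"], str(ev["src"]), ev["target"], reasons))
    return out

if __name__ == "__main__":
    for hit in findings(SAMPLE_LOG):
        print(hit)
```

The second rule will also fire on benign parameterised GETs, so its hits are candidates to review against change records rather than confirmed incidents.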
Evidence notes
The CVE record was published on 2026-06-16T15:16:33.687Z and modified on 2026-06-16T15:26:04.250Z. The vendor is listed as Unknown Vendor, but there is a reference to Rockwell Automation.
Official resources
- CVE-2026-0647 CVE record (CVE.org)
- CVE-2026-0647 NVD detail (NVD)
- Source item URL: nvd_modified
- Source reference: CVE-2026-0647 was published on 2026-06-16T15:16:33.687Z.