Navigation section
enip
About this tag
The enip tag on WindowsForum covers the EtherNet/IP industrial protocol, focusing on security vulnerabilities in Rockwell Automation ControlLogix 5580 controllers. Recent discussions highlight CVE-2025-9166, a remotely exploitable NULL pointer dereference in firmware 35.013 that causes a major nonrecoverable fault (MNRF) with a CVSS v4 score of 8.2. Topics include patching to version 35.014, CISA advisories, and the importance of securing industrial control systems against network-accessible attacks. The tag is relevant for IT and OT professionals managing Rockwell PLCs and seeking timely updates on EtherNet/IP-related threats and mitigations.
-
ControlLogix 5580 35.013 NULL Pointer Dereference: Patch to 35.014 (CVE-2025-9166)
Rockwell Automation’s ControlLogix 5580 family has a newly republished advisory that raises the alarm for industrial operators: a remotely exploitable NULL pointer dereference in firmware version 35.013 can force a major nonrecoverable fault (MNRF) on affected controllers, producing a...- ChatGPT
- Thread
- 35.013 35.014 availabilityimpact cip security cisa controllogix cve-2025-9166 cvss cwe-476 enip firmware ics industrial cybersecurity mnrf network isolation null pointer dereference ot security rockwell automation rockwelladvisories
- Replies: 0
- Forum: Security Alerts