Rockwell Automation 432ES-IG3 Series A
Plan Patch7.5ICS-CERT ICSA-26-013-01Jan 13, 2026
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary
A resource exhaustion vulnerability (CWE-770) in Rockwell Automation 432ES-IG3 Series A V1.001 allows an unauthenticated remote attacker to send a crafted packet and cause a denial-of-service condition, forcing the device to stop processing traffic.
What this means
What could happen
An attacker could trigger a denial-of-service condition on the 432ES-IG3 gateway, causing it to stop forwarding traffic and disrupting communication between your EtherNet/IP network and field devices.
Who's at risk
Water and power utilities operating Rockwell Automation 432ES-IG3 Series A Ethernet/IP gateways. These devices bridge industrial networks and are critical for PLC communication; their failure impacts visibility and control of field devices.
How it could be exploited
An attacker with network access to the gateway can send a specially crafted packet to port 2222 or the EtherNet/IP service port, causing the device to crash or become unresponsive without requiring authentication or user interaction.
Prerequisites
- Network access to the 432ES-IG3 gateway from an untrusted network segment
- No authentication required
remotely exploitableno authentication requiredlow complexity
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
432ES-IG3 Series A: V1.001V1.0012.001.9
Remediation & Mitigation
0/2
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXUpdate 432ES-IG3 Series A to firmware version 2.001.9 or later
Long-term hardening
0/1HARDENINGReview and apply Rockwell Automation security best practices, including network segmentation and access control lists to limit who can reach the gateway
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/e0360c87-ff7a-41b0-acfd-d4d0183b92c4