Rockwell 432ES-IG3 Series A Denial-of-Service Vulnerability
Monitor7.1SD1764Dec 9, 2025
Summary
The Rockwell 432ES-IG3 Series A gateway contains a denial-of-service vulnerability that can be triggered by sending malformed network packets. An attacker with network access to the device can cause it to crash or become unresponsive without requiring authentication. This vulnerability affects all versions of the Series A product line and no firmware fix is currently available from Rockwell.
What this means
What could happen
An attacker could send malformed network packets to the 432ES-IG3 gateway, causing it to crash or become unresponsive. This would interrupt communication between your control network and field devices, stopping data collection and potentially halting remote monitoring of critical infrastructure.
Who's at risk
This affects any organization using the Rockwell 432ES-IG3 Series A gateway for industrial control, particularly water utilities and electric utilities that rely on this device for SCADA data integration or remote monitoring of distributed field equipment such as pumps, compressors, or voltage regulators.
How it could be exploited
An attacker with network access to the 432ES-IG3 device could send a specially crafted packet that triggers a crash in the gateway's packet processing logic. The attacker needs only network reachability to the device's management or data port—no authentication is required.
Prerequisites
- Network access to the 432ES-IG3 gateway device
- No authentication required
- Ability to send crafted network packets to the device
Remotely exploitableNo authentication requiredNo patch availableDenial-of-service impact on critical infrastructure communicationLow attack complexity
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
432ES-IG3 Series AAll versionsNo fix (EOL)
Remediation & Mitigation
0/3
Do now
0/1HARDENINGImplement network segmentation to limit which systems and networks can reach the 432ES-IG3 device; restrict access to management interfaces via firewall rules
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HARDENINGMonitor network traffic to and from the 432ES-IG3 for suspicious packet patterns that could indicate denial-of-service attempts
Mitigations - no patch available
0/1432ES-IG3 Series A has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGReview and document current connectivity to the 432ES-IG3; consider isolating it to a dedicated industrial network segment if not already done
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/916fee2a-9fe4-4820-b297-15ebcb876325