OTPulse
FeedAboutContact

Rockwell IMPORTANT NOTICE: Rockwell Automation Recommends Upgrading From 1756-RM2(XT) To 1756-RM3(XT)

Monitor7.5SD1769Jan 20, 2026
Summary

Rockwell Automation has reached end-of-life support for the 1756-RM2(XT) redundancy module for CompactLogix and ControlLogix processors. The module will no longer receive security updates or patches. Rockwell recommends upgrading to the 1756-RM3(XT) module to maintain ongoing security support and access to vulnerability patches. The 1756-RM2(XT) cannot be patched in place.

What this means
What could happen
The 1756-RM2(XT) redundancy module has reached end-of-life and lacks security updates. Upgrading to 1756-RM3(XT) ensures continued security support and access to patches for vulnerabilities affecting your CompactLogix or ControlLogix systems.
Who's at risk
Organizations operating CompactLogix or ControlLogix systems with 1756-RM2(XT) redundancy modules in critical infrastructure (water treatment, power distribution, manufacturing) should prioritize upgrading to 1756-RM3(XT) to maintain security support. This affects any facility relying on redundant processor failover for high-availability operations.
How it could be exploited
An attacker with network access to the CompactLogix/ControlLogix system could exploit unpatched vulnerabilities in the 1756-RM2(XT) redundancy module to gain control over redundant processor failover logic, potentially causing unplanned system switchovers or preventing automatic recovery from failures.
Prerequisites
  • Network access to the CompactLogix or ControlLogix processor on port 2222 (EtherNet/IP)
  • Physical or remote access to the controller to modify redundancy configuration
  • Knowledge of the redundancy module communication protocol
no patch availableend-of-life productaffects critical infrastructure systemsloss of vendor security support
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
IMPORTANT NOTICE: RockwellAll versionsNo fix yet
Remediation & Mitigation
0/3
Do now
0/1
WORKAROUNDReview and restrict network access to port 2222 (EtherNet/IP) to only authorized engineering workstations and control systems
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade from 1756-RM2(XT) redundancy module to 1756-RM3(XT) to receive ongoing security support and patches
Long-term hardening
0/1
HARDENINGIf upgrade cannot be performed immediately, isolate the CompactLogix/ControlLogix system from untrusted networks using industrial firewalls or network segmentation
View full Rockwell Automation advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/4c10efbe-ea50-4bd1-b2d7-f64c7ea2a713
Rockwell IMPORTANT NOTICE: Rockwell Automation Recommends Upgrading From 1756-RM2(XT) To 1756-RM3(XT) | CVSS 7.5 - OTPulse