Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
CVE-2025-8008: EN4TR Device Crash from Malformed Messages
CVE-2025-8008
Summary
A security issue affects EN4TR devices when they are in protected mode. If the device receives a specially designed message during a Forward Close operation, it may crash. This can be prevented by updating the device to the latest firmware.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions |
|---|---|---|
| rockwellautomation | 1756-en2tr_series_a_firmware |
< 7.001 cpe:2.3:o:rockwellautomation:1756-en2tr_series_a_firmware:*:*:*:*:*:*:*:* |
| rockwellautomation | 1756-en2tr_series_b_firmware |
< 7.001 cpe:2.3:o:rockwellautomation:1756-en2tr_series_b_firmware:*:*:*:*:*:*:*:* |
| rockwellautomation | 1756-en2tr_series_c_firmware |
< 7.001 cpe:2.3:o:rockwellautomation:1756-en2tr_series_c_firmware:*:*:*:*:*:*:*:* |
| rockwellautomation | 1756-en4tr_firmware |
< 7.001 cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:*:*:*:*:*:*:*:* |
| rockwellautomation | 1756-en4trxt_firmware |
< 7.001 cpe:2.3:o:rockwellautomation:1756-en4trxt_firmware:*:*:*:*:*:*:*:* |
Original title
A security issue exists in the protected mode of EN4TR devices, where sending specifically crafted messages during a Forward Close operation can cause the device to crash.
Original description
A security issue exists in the protected mode of EN4TR devices, where sending specifically crafted messages during a Forward Close operation can cause the device to crash.
nvd CVSS3.1
6.5
nvd CVSS4.0
7.1
Vulnerability type
CWE-755
Published: 9 Sep 2025 · Updated: 15 Jun 2026 · First seen: 7 Mar 2026