Detections
Analytics
Rockwell Automation 1756-ENT2R, 1756-EN4TR, 1756-EN4TRXT Improper Handling of Exceptional Conditions (CVE-2025-8008)
medium Tenable OT Security Plugin ID 503330
Synopsis
The remote OT asset is affected by a vulnerability.Description
A security issue exists in the protected mode of EN4TR devices, where sending specifically crafted messages during a Forward Close operation can cause the device to crash.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.Rockwell Automation recommends users upgrade their devices to 7.001 or later. The update can be downloaded from Rockwell Automation's website.
Rockwell Automation also recommends users follow their published Security Best Practices.
See Also
http://www.nessus.org/u?3fceaeb5
https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-31
Plugin Details
Severity: Medium
ID: 503330
Version: 1.3
Type: remote
Family: Tenable.ot
Published: 9/17/2025
Updated: 9/18/2025
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v3
Risk Factor: Medium
Base Score: 6.5
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Information
CPE: cpe:/o:rockwellautomation:1756-en2tr_series_c_firmware, cpe:/o:rockwellautomation:1756-en2tr_series_a_firmware, cpe:/o:rockwellautomation:1756-en2tr_series_b_firmware, cpe:/o:rockwellautomation:1756-en4tr_firmware, cpe:/o:rockwellautomation:1756-en4trxt_firmware
Required KB Items: Tenable.ot/Rockwell
Exploit Ease: No known exploits are available
Patch Publication Date: 9/9/2025
Vulnerability Publication Date: 9/9/2025
Reference Information
CVE: CVE-2025-8008
CWE: 755