Detections
Analytics
Rockwell Automation 1756-ENT2R, 1756-EN4TR, 1756-EN4TRXT Improper Input Validation (CVE-2025-8007)
medium Tenable OT Security Plugin ID 503331
Synopsis
The remote OT asset is affected by a vulnerability.Description
A security issue exists in the protected mode of 1756-EN4TR and 1756-EN2TR communication modules, where a Concurrent Forward Close operation can trigger a Major Non-Recoverable (MNFR) fault. This condition may lead to unexpected system crashes and loss of device availability.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.Rockwell Automation recommends users upgrade their devices to 7.001 or later. The update can be downloaded from Rockwell Automation's website.
Rockwell Automation also recommends users follow their published Security Best Practices.
See Also
http://www.nessus.org/u?3fceaeb5
https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-31
Plugin Details
Severity: Medium
ID: 503331
Version: 1.3
Type: remote
Family: Tenable.ot
Published: 9/17/2025
Updated: 9/18/2025
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v3
Risk Factor: Medium
Base Score: 6.5
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Information
CPE: cpe:/o:rockwellautomation:1756-en2tr_series_c_firmware, cpe:/o:rockwellautomation:1756-en2tr_series_a_firmware, cpe:/o:rockwellautomation:1756-en2tr_series_b_firmware, cpe:/o:rockwellautomation:1756-en4tr_firmware, cpe:/o:rockwellautomation:1756-en4trxt_firmware
Required KB Items: Tenable.ot/Rockwell
Exploit Ease: No known exploits are available
Patch Publication Date: 9/9/2025
Vulnerability Publication Date: 9/9/2025
Reference Information
CVE: CVE-2025-8007
CWE: 20