Vulnerability in Rockwell Automation Flex 5000 I/o
CVE-2025-9041
A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IF8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module retu…
EPSS: 0.003 (21.6th percentile) — read the EPSS interpretation.
Affected products
- Rockwell Automation Flex 5000 I/o — versions Version 2.011 or below
Weakness classification (CWE)
Public proof-of-concept exploits
References
Frequently asked questions
- What is CVE-2025-9041?
- CVE-2025-9041 is a vulnerability in Rockwell Automation Flex 5000 I/o, classified under CWE-1287. Published 2025-08-14.
- Is CVE-2025-9041 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.