Search criteria
39 vulnerabilities found for controllogix_5580_firmware by rockwellautomation
FKIE_CVE-2025-9166
Vulnerability from fkie_nvd - Published: 2025-09-09 13:15 - Updated: 2025-10-20 19:05
Severity ?
Summary
A denial-of-service security issue exists in the affected product and version. The security issue stems from the controller repeatedly attempting to forward messages. The issue could result in a major nonrecoverable fault on the controller.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rockwellautomation | controllogix_5580_firmware | 35.013 | |
| rockwellautomation | controllogix_5580 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:35.013:*:*:*:*:*:*:*",
"matchCriteriaId": "45F39829-CE7B-496A-944E-90A7B906DFF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A denial-of-service security issue exists in the affected product and version. The security issue stems from the controller repeatedly attempting to forward messages. The issue could result in a major nonrecoverable fault on the controller."
}
],
"id": "CVE-2025-9166",
"lastModified": "2025-10-20T19:05:29.813",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
}
]
},
"published": "2025-09-09T13:15:33.050",
"references": [
{
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1747.html"
}
],
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-6207
Vulnerability from fkie_nvd - Published: 2024-10-14 21:15 - Updated: 2024-10-21 13:20
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCECB24-3DF9-441D-B2E0-7EDD305EA31D",
"versionEndExcluding": "33.017",
"versionStartIncluding": "28.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "999BE839-8688-4723-A067-788386E528D7",
"versionEndExcluding": "34.014",
"versionStartIncluding": "34.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D70BDEA5-B19E-4399-AD46-FA94285B2DEA",
"versionEndExcluding": "35.013",
"versionStartIncluding": "35.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8EF3D88-B9BC-4FEA-BA35-8657EEE463F2",
"versionEndExcluding": "33.017",
"versionStartIncluding": "33.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A3A96A6-242A-4022-8347-E04467DA6FDA",
"versionEndExcluding": "34.014",
"versionStartIncluding": "34.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D377807-09D3-4430-8B0D-83BB5514B275",
"versionEndExcluding": "35.013",
"versionStartIncluding": "35.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5580_process:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFEDADD8-01DE-4AE5-A0D7-532347FA7DB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF92BE9B-AF7A-4A04-9438-C30C5ED49B07",
"versionEndExcluding": "33.017",
"versionStartIncluding": "31.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E0F65D-98D1-4021-9CB0-402834F46DD8",
"versionEndExcluding": "34.014",
"versionStartIncluding": "34.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "956AF3D2-9A47-4BAD-B3A5-37A8965DBB2E",
"versionEndExcluding": "35.013",
"versionStartIncluding": "35.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "006B7683-9FDF-4748-BA28-2EA22613E092",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C85E19A-8153-4AC2-8A15-DD1CEE9F5B2E",
"versionEndExcluding": "33.017",
"versionStartIncluding": "28.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90519681-C70B-49EE-A551-29D5A9EFCA31",
"versionEndExcluding": "34.014",
"versionStartIncluding": "34.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A306250-9B1A-49A4-B6C1-E2EFBA49504B",
"versionEndExcluding": "35.013",
"versionStartIncluding": "35.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD040ED-B44C-47D0-B4D4-729C378C4F68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93D9D75D-0C98-408B-9EB1-6315AAE1147B",
"versionEndExcluding": "33.017",
"versionStartIncluding": "31.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58CAFC2B-2C95-41E0-BB00-7E7F89103664",
"versionEndExcluding": "34.014",
"versionStartIncluding": "34.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37997377-0939-4D3C-8A97-F4F8C6FB1000",
"versionEndExcluding": "35.013",
"versionStartIncluding": "35.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380_sil_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E594CDF6-0582-4D5C-B6AA-C8A2E752E29F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D85D8A23-BC23-41F9-A17A-33239D4C90B5",
"versionEndExcluding": "33.017",
"versionStartIncluding": "32.013",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13C157F1-BD62-4F6A-8DCF-4660983C9948",
"versionEndExcluding": "34.014",
"versionStartIncluding": "34.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A01F13C3-42C1-409C-A16E-6BEC723108A2",
"versionEndExcluding": "35.013",
"versionStartIncluding": "35.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380_sil_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82D842C-0930-41AA-83CD-5F235771AE4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A890317E-B6BD-4A0A-B7E0-E50D90506EF1",
"versionEndExcluding": "33.017",
"versionStartIncluding": "32.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "881D835B-D7E3-44C5-9B77-CA82EDCE2D3C",
"versionEndExcluding": "34.014",
"versionStartIncluding": "34.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0ABD910-7EBE-44C8-97E3-2B523CDEE5FA",
"versionEndExcluding": "35.013",
"versionStartIncluding": "35.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F4F5BE-07DF-402A-BF98-34FBA6A11968",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:factorytalk_logix_echo_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02105DF7-661C-47E7-BC52-771356537783",
"versionEndExcluding": "34.014",
"versionStartIncluding": "33.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:factorytalk_logix_echo_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51ECB73D-C08C-4DE1-BA75-608E9C350751",
"versionEndExcluding": "35.013",
"versionStartIncluding": "35.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:factorytalk_logix_echo:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7898895B-17A1-499A-9B09-9F6C1C302368",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html \u00a0and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running."
},
{
"lang": "es",
"value": "CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html y enviar un mensaje CIP especialmente manipulado al dispositivo. Si se explota, un actor de amenazas podr\u00eda ayudar a evitar el acceso al usuario leg\u00edtimo y finalizar las conexiones a los dispositivos conectados, incluida la estaci\u00f3n de trabajo. Para recuperar los controladores, se requiere una descarga que finalice cualquier proceso que est\u00e9 ejecutando el controlador."
}
],
"id": "CVE-2024-6207",
"lastModified": "2024-10-21T13:20:45.617",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
}
]
},
"published": "2024-10-14T21:15:12.460",
"references": [
{
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1707.html"
}
],
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-8626
Vulnerability from fkie_nvd - Published: 2024-10-08 17:15 - Updated: 2025-02-27 19:30
Severity ?
Summary
Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADC47AB0-6712-473D-976D-4FE7CCFC2532",
"versionEndExcluding": "33.015",
"versionStartIncluding": "33.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD040ED-B44C-47D0-B4D4-729C378C4F68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7450A3-7B44-4CDE-B71A-91F4A695B922",
"versionEndExcluding": "33.015",
"versionStartIncluding": "33.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62414E65-73C7-4172-B7BF-F40A66AFBB90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "209FB84C-5C5D-49D4-B7EF-24BCF8448CDD",
"versionEndExcluding": "33.015",
"versionStartIncluding": "33.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F4F5BE-07DF-402A-BF98-34FBA6A11968",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2411ED-FD7A-4A60-87EE-9B530050CCF1",
"versionEndExcluding": "33.015",
"versionStartIncluding": "33.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D37F9CEA-510D-41EE-B999-F86AF481ACEC",
"versionEndExcluding": "33.015",
"versionStartIncluding": "33.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "006B7683-9FDF-4748-BA28-2EA22613E092",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:3.002:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF51B29-F0CF-44DC-819E-4DC700D82BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:1756-en4tr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "898EE953-E0EF-4B52-8EA0-41AAD8B5CCF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover."
},
{
"lang": "es",
"value": "Debido a una fuga de memoria, existe una vulnerabilidad de denegaci\u00f3n de servicio en los productos afectados de Rockwell Automation. Un agente malintencionado podr\u00eda aprovechar esta vulnerabilidad realizando m\u00faltiples acciones en determinadas p\u00e1ginas web del producto, lo que provocar\u00eda que los productos afectados dejaran de estar disponibles por completo y fuera necesario apagar y encender para recuperarse."
}
],
"id": "CVE-2024-8626",
"lastModified": "2025-02-27T19:30:07.490",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
}
]
},
"published": "2024-10-08T17:15:56.240",
"references": [
{
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1706.html"
}
],
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-6077
Vulnerability from fkie_nvd - Published: 2024-09-12 20:15 - Updated: 2024-09-19 14:31
Severity ?
Summary
A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:32.011:*:*:*:*:*:*:*",
"matchCriteriaId": "D389E07F-A04E-467A-8FE4-4DE8B69EF7EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD040ED-B44C-47D0-B4D4-729C378C4F68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_2_firmware:32.013:*:*:*:*:*:*:*",
"matchCriteriaId": "CCF40770-68D8-41E8-B0DC-61BEFD2DA987",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380_sil_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E594CDF6-0582-4D5C-B6AA-C8A2E752E29F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_3_firmware:32.011:*:*:*:*:*:*:*",
"matchCriteriaId": "7F2345A8-E3BD-45C2-AEE8-189C81D6C23F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380_sil_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82D842C-0930-41AA-83CD-5F235771AE4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:32.011:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EB2F5A-34D4-49C6-9B58-632DFA6B69E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F4F5BE-07DF-402A-BF98-34FBA6A11968",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:33.011:*:*:*:*:*:*:*",
"matchCriteriaId": "F032C078-D896-47EC-8393-10803E832C18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:32.011:*:*:*:*:*:*:*",
"matchCriteriaId": "BAE872BB-FC1F-4B70-92AD-B1213A347C89",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "006B7683-9FDF-4748-BA28-2EA22613E092",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:1756-en4_firmware:2.001:*:*:*:*:*:*:*",
"matchCriteriaId": "B389BA8B-56CD-4614-BC77-02FC80981FA1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:1756-en4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6935642C-4CBF-4B4F-A509-561B3E39A66B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio en los productos afectados de Rockwell Automation cuando se env\u00edan paquetes especialmente manipulados al objeto de seguridad CIP. Si se explota, el dispositivo dejar\u00e1 de estar disponible y ser\u00e1 necesario restablecer la configuraci\u00f3n de f\u00e1brica para recuperarse."
}
],
"id": "CVE-2024-6077",
"lastModified": "2024-09-19T14:31:18.463",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
}
]
},
"published": "2024-09-12T20:15:05.440",
"references": [
{
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1963.html"
}
],
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-7515
Vulnerability from fkie_nvd - Published: 2024-08-14 20:15 - Updated: 2025-03-04 17:47
Severity ?
Summary
CVE-2024-7515 IMPACT
A denial-of-service vulnerability exists in the affected products. A malformed PTP management packet can cause a major nonrecoverable fault in the controller.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AABBF4EF-9F0E-432D-A535-F74402CFD05D",
"versionEndExcluding": "34.014",
"versionStartIncluding": "28.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "305CDBFF-404A-45F5-A391-1B18F446D1B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD040ED-B44C-47D0-B4D4-729C378C4F68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B18F7F-80AB-4146-9D65-B1DB4C2FAA8D",
"versionEndExcluding": "34.014",
"versionStartIncluding": "28.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "A29D3775-CAB3-45CF-96CE-71D0672C7E37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2E9A2F-AFC7-442D-88FC-C3217ABB560E",
"versionEndExcluding": "34.014",
"versionStartIncluding": "31.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "64CAC9B1-19E5-44BB-B814-DDA98B7290E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "006B7683-9FDF-4748-BA28-2EA22613E092",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "560A9F50-DBCF-48CF-856B-BE061C490697",
"versionEndExcluding": "34.014",
"versionStartIncluding": "31.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_2_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A5DA9B-E1CA-45FF-8A9B-60B1E506F981",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380_sil_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E594CDF6-0582-4D5C-B6AA-C8A2E752E29F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3631A2E0-00BA-4DF2-94C2-6906B9A3E941",
"versionEndExcluding": "34.014",
"versionStartIncluding": "32.013",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_3_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE90277-EB8A-4ECE-A573-C1814F35CB47",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380_sil_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82D842C-0930-41AA-83CD-5F235771AE4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C025589-66EE-40EF-8CE6-9A7B76D74BF4",
"versionEndExcluding": "34.014",
"versionStartIncluding": "32.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "61F8EA3B-C51C-4CB1-9BB3-017577DC6684",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F4F5BE-07DF-402A-BF98-34FBA6A11968",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CVE-2024-7515 IMPACT\n\nA denial-of-service vulnerability exists in the affected products. A malformed PTP management packet can cause a major nonrecoverable fault in the controller."
},
{
"lang": "es",
"value": "CVE-2024-7515 IMPACT Existe una vulnerabilidad de denegaci\u00f3n de servicio en los productos afectados. Un paquete de administraci\u00f3n PTP con formato incorrecto puede causar un fallo importante no recuperable en el controlador."
}
],
"id": "CVE-2024-7515",
"lastModified": "2025-03-04T17:47:01.887",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
}
]
},
"published": "2024-08-14T20:15:13.150",
"references": [
{
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201686.html"
}
],
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-40619
Vulnerability from fkie_nvd - Published: 2024-08-14 20:15 - Updated: 2025-01-31 15:03
Severity ?
Summary
CVE-2024-40619 IMPACT
A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rockwellautomation | controllogix_5580_firmware | 34.011 | |
| rockwellautomation | controllogix_5580 | - | |
| rockwellautomation | guardlogix_5580_firmware | 34.011 | |
| rockwellautomation | guardlogix_5580 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:34.011:*:*:*:*:*:*:*",
"matchCriteriaId": "02F74A5B-BE74-4F8B-B8D3-D1D48A6C5CA0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:34.011:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B88DDE-9002-4EE8-BAA8-73330CB0BE50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "006B7683-9FDF-4748-BA28-2EA22613E092",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CVE-2024-40619 IMPACT\n\nA denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service."
},
{
"lang": "es",
"value": " CVE-2024-40619 IMPACT Existe una vulnerabilidad de denegaci\u00f3n de servicio en los productos afectados. La vulnerabilidad ocurre cuando un paquete CIP con formato incorrecto se env\u00eda a trav\u00e9s de la red al dispositivo y resulta en un fallo importante no recuperable que causa una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2024-40619",
"lastModified": "2025-01-31T15:03:06.963",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
}
]
},
"published": "2024-08-14T20:15:12.277",
"references": [
{
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201690.html"
}
],
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-7507
Vulnerability from fkie_nvd - Published: 2024-08-14 20:15 - Updated: 2025-03-04 17:45
Severity ?
Summary
CVE-2024-7507 IMPACT
A denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received, causing a fault in the controller.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AABBF4EF-9F0E-432D-A535-F74402CFD05D",
"versionEndExcluding": "34.014",
"versionStartIncluding": "28.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "305CDBFF-404A-45F5-A391-1B18F446D1B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD040ED-B44C-47D0-B4D4-729C378C4F68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B18F7F-80AB-4146-9D65-B1DB4C2FAA8D",
"versionEndExcluding": "34.014",
"versionStartIncluding": "28.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "A29D3775-CAB3-45CF-96CE-71D0672C7E37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2E9A2F-AFC7-442D-88FC-C3217ABB560E",
"versionEndExcluding": "34.014",
"versionStartIncluding": "31.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "64CAC9B1-19E5-44BB-B814-DDA98B7290E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "006B7683-9FDF-4748-BA28-2EA22613E092",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "560A9F50-DBCF-48CF-856B-BE061C490697",
"versionEndExcluding": "34.014",
"versionStartIncluding": "31.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_2_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A5DA9B-E1CA-45FF-8A9B-60B1E506F981",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380_sil_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E594CDF6-0582-4D5C-B6AA-C8A2E752E29F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3631A2E0-00BA-4DF2-94C2-6906B9A3E941",
"versionEndExcluding": "34.014",
"versionStartIncluding": "32.013",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_3_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE90277-EB8A-4ECE-A573-C1814F35CB47",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380_sil_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82D842C-0930-41AA-83CD-5F235771AE4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C025589-66EE-40EF-8CE6-9A7B76D74BF4",
"versionEndExcluding": "34.014",
"versionStartIncluding": "32.011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "61F8EA3B-C51C-4CB1-9BB3-017577DC6684",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F4F5BE-07DF-402A-BF98-34FBA6A11968",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CVE-2024-7507 IMPACT\n\nA denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received, causing a fault in the controller."
},
{
"lang": "es",
"value": " CVE-2024-7507 IMPACT Existe una vulnerabilidad de denegaci\u00f3n de servicio en los productos afectados. Esta vulnerabilidad ocurre cuando se recibe un mensaje PCCC con formato incorrecto, lo que provoca un fallo en el controlador."
}
],
"id": "CVE-2024-7507",
"lastModified": "2025-03-04T17:45:08.957",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
}
]
},
"published": "2024-08-14T20:15:12.900",
"references": [
{
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201685.html"
}
],
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-5659
Vulnerability from fkie_nvd - Published: 2024-06-14 17:15 - Updated: 2025-03-03 19:37
Severity ?
Summary
Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device would be compromised.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:34.011:*:*:*:*:*:*:*",
"matchCriteriaId": "02F74A5B-BE74-4F8B-B8D3-D1D48A6C5CA0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:34.011:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B88DDE-9002-4EE8-BAA8-73330CB0BE50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "006B7683-9FDF-4748-BA28-2EA22613E092",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:1756-en4_firmware:4.001:*:*:*:*:*:*:*",
"matchCriteriaId": "3B050175-3923-4B1E-AE98-53AF028EE8AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:1756-en4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6935642C-4CBF-4B4F-A509-561B3E39A66B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:34.011:*:*:*:*:*:*:*",
"matchCriteriaId": "EC388DFC-DA67-44B6-AE97-731B33F38992",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD040ED-B44C-47D0-B4D4-729C378C4F68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:34.011:*:*:*:*:*:*:*",
"matchCriteriaId": "01EB5C9E-A10F-4D53-AF3D-38055F966BD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62414E65-73C7-4172-B7BF-F40A66AFBB90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:34.011:*:*:*:*:*:*:*",
"matchCriteriaId": "A913AF0F-DA08-4FE9-9E94-AA1D6227981B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F4F5BE-07DF-402A-BF98-34FBA6A11968",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port.\u00a0If exploited, the availability of the device would be compromised."
},
{
"lang": "es",
"value": "Rockwell Automation fue informado de una vulnerabilidad que hace que todos los controladores afectados en la misma red produzcan una falla importante no recuperable (MNRF/Assert). Esta vulnerabilidad podr\u00eda explotarse enviando paquetes anormales al puerto mDNS. Si se explota, la disponibilidad del dispositivo se ver\u00eda comprometida."
}
],
"id": "CVE-2024-5659",
"lastModified": "2025-03-03T19:37:09.243",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
}
]
},
"published": "2024-06-14T17:15:51.600",
"references": [
{
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"
}
],
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-670"
}
],
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-670"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-3493
Vulnerability from fkie_nvd - Published: 2024-04-15 22:15 - Updated: 2025-03-04 17:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "A29D3775-CAB3-45CF-96CE-71D0672C7E37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "64CAC9B1-19E5-44BB-B814-DDA98B7290E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "006B7683-9FDF-4748-BA28-2EA22613E092",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "305CDBFF-404A-45F5-A391-1B18F446D1B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD040ED-B44C-47D0-B4D4-729C378C4F68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "9232043F-8A87-446C-8B7E-F8E400AA6F68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62414E65-73C7-4172-B7BF-F40A66AFBB90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:5.001:*:*:*:*:*:*:*",
"matchCriteriaId": "91162BBB-AD61-4191-B00A-FDE767268F13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:1756-en4tr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "898EE953-E0EF-4B52-8EA0-41AAD8B5CCF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "4A1541AE-A429-455E-94C4-3420183CE7CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5580_process:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFEDADD8-01DE-4AE5-A0D7-532347FA7DB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5380_process_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "DF838222-B4B6-4A66-B3CE-55E643368754",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5380_process:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77BCC249-D601-4A82-9247-C0981BF990FC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:35.011:*:*:*:*:*:*:*",
"matchCriteriaId": "61F8EA3B-C51C-4CB1-9BB3-017577DC6684",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F4F5BE-07DF-402A-BF98-34FBA6A11968",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nA specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation\u0027s ControlLogix 5580, Guard Logix\u00a05580,\u00a0CompactLogix 5380,\u00a0and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices. \n\n"
},
{
"lang": "es",
"value": "Un tipo de paquete fragmentado con formato incorrecto espec\u00edfico (los dispositivos que env\u00edan grandes cantidades de datos pueden generar paquetes fragmentados autom\u00e1ticamente) puede causar una falla mayor no recuperable (MNRF) en ControlLogix 5580, Guard Logix 5580, CompactLogix 5380 y 1756-EN4TR de Rockwell Automation. Si se explota, el producto afectado dejar\u00e1 de estar disponible y requerir\u00e1 un reinicio manual para recuperarlo. Adem\u00e1s, un MNRF podr\u00eda provocar una p\u00e9rdida de visi\u00f3n y/o control de los dispositivos conectados."
}
],
"id": "CVE-2024-3493",
"lastModified": "2025-03-04T17:43:27.223",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-04-15T22:15:09.073",
"references": [
{
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Broken Link"
],
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html"
}
],
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-1797
Vulnerability from fkie_nvd - Published: 2022-06-02 14:15 - Updated: 2024-11-21 06:41
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559 | Permissions Required, Vendor Advisory | |
| ics-cert@hq.dhs.gov | https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-01 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "838C4369-238B-4611-8DC5-8B23908D47F1",
"versionEndExcluding": "33.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD040ED-B44C-47D0-B4D4-729C378C4F68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3BFF9BD-BF59-4310-A0D3-43392E3AD6B9",
"versionEndExcluding": "33.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62414E65-73C7-4172-B7BF-F40A66AFBB90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E407DFE-FF4B-4D8B-8C85-92FC8FA3796C",
"versionEndExcluding": "33.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F4F5BE-07DF-402A-BF98-34FBA6A11968",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA82CCD-EEA6-49F2-877F-0D84994BA7EA",
"versionEndExcluding": "33.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBAB166-7A61-45BB-9935-C06527869F83",
"versionEndExcluding": "33.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "006B7683-9FDF-4748-BA28-2EA22613E092",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5370_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C85EB0F-473A-423A-BDFC-741F6C0E1C0E",
"versionEndExcluding": "34.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E12ADAE3-97B1-48BC-BE69-ED75667C1886",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5370_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D1A405-1F45-44DD-91A6-49405CF36FEE",
"versionEndExcluding": "34.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F951670-AF4D-4429-8BC1-79BDEF83B2C3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5570_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68F0DF87-03BF-40D5-B6D0-95F9F4FA19EE",
"versionEndExcluding": "34.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "482E2CD6-D484-486C-92F4-18432D107E30",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5570_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40DCFACD-B0E8-48DF-9945-B61CB8DDE7E8",
"versionEndExcluding": "34.011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321AE938-192A-4342-8608-ADC81F0B6582",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online."
},
{
"lang": "es",
"value": "Un mensaje de protocolo industrial com\u00fan de clase 3 malformado con una conexi\u00f3n en cach\u00e9 puede causar una condici\u00f3n de denegaci\u00f3n de servicio en los controladores Logix de Rockwell Automation, lo que resulta en una falla importante no recuperable. Si el dispositivo de destino deja de estar disponible, un usuario tendr\u00eda que borrar el fallo y volver a descargar el archivo de proyecto del usuario para que el dispositivo vuelva a estar en l\u00ednea"
}
],
"id": "CVE-2022-1797",
"lastModified": "2024-11-21T06:41:29.483",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 4.0,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-02T14:15:33.287",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Primary"
}
]
}
CVE-2025-9166 (GCVE-0-2025-9166)
Vulnerability from cvelistv5 – Published: 2025-09-09 12:36 – Updated: 2025-09-09 13:07
VLAI?
Summary
A denial-of-service security issue exists in the affected product and version. The security issue stems from the controller repeatedly attempting to forward messages. The issue could result in a major nonrecoverable fault on the controller.
Severity ?
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Rockwell Automation | ControlLogix® 5580 |
Affected:
Version 35.013
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9166",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-09T13:07:34.637649Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T13:07:58.099Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "Version 35.013"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service security issue exists in the affected product and version. The security issue stems from the controller \u003cspan style=\"background-color: rgba(209, 209, 209, 0.5);\"\u003erepeate\u003c/span\u003e\u003cspan style=\"background-color: rgba(209, 209, 209, 0.5);\"\u003edly \u003c/span\u003e\u003cspan style=\"background-color: rgba(209, 209, 209, 0.5);\"\u003eattempting\u003c/span\u003e\u003cspan style=\"background-color: rgba(209, 209, 209, 0.5);\"\u003e to\u003c/span\u003e \u003cspan style=\"background-color: rgba(209, 209, 209, 0.5);\"\u003eforward\u003c/span\u003e\u003cspan style=\"background-color: rgba(209, 209, 209, 0.5);\"\u003e messages\u003c/span\u003e. The issue could result in a major nonrecoverable fault on the controller.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "A denial-of-service security issue exists in the affected product and version. The security issue stems from the controller repeatedly attempting to forward messages. The issue could result in a major nonrecoverable fault on the controller."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T12:36:15.177Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1747.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVersion 35.014 and later.\u003c/span\u003e"
}
],
"value": "Upgrade to\u00a0\n\nVersion 35.014 and later."
}
],
"source": {
"advisory": "SD1747",
"discovery": "INTERNAL"
},
"title": "Rockwell Automation ControlLogix\u00ae 5580 V35.013 Denial-Of-Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2025-9166",
"datePublished": "2025-09-09T12:36:15.177Z",
"dateReserved": "2025-08-19T13:36:05.494Z",
"dateUpdated": "2025-09-09T13:07:58.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6207 (GCVE-0-2024-6207)
Vulnerability from cvelistv5 – Published: 2024-10-14 20:53 – Updated: 2024-10-15 14:43
VLAI?
Summary
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | ControlLogix® 5580 |
Affected:
V28.011
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "compactlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "28.011",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "controllogix_5580_process_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "33.011",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "guardlogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "31.011",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "controllogix_5580_process_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "32.011",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil3_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "compact_guardlogix_5380_sil3_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "32.013",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:rockwellautomation:factorytalk_logix_echo:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "factorytalk_logix_echo",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "34.014",
"status": "affected",
"version": "33.011",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6207",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T14:11:41.281080Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T14:43:19.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580 Process",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V33.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V31.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix 5380 SIL 2",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V31.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix 5380 SIL 3",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V32.013"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5480",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V32.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FactoryTalk\u00ae Logix Echo",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V33.011"
}
]
}
],
"datePublic": "2024-10-10T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eCVE-2024-6207\u003c/a\u003e\u0026nbsp;IMPACT\u003c/p\u003e\u003cp\u003eA denial-of-service vulnerability exists in the affected products that will cause the device to result in a major nonrecoverable fault (MNRF) when it receives an invalid CIP request. To exploit this vulnerability a malicious user must chain this exploits with \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html\"\u003eCVE 2021-22681\u003c/a\u003e\u0026nbsp;and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running. \u003c/p\u003e"
}
],
"value": "CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html \u00a0and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-14T20:53:49.191Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1707.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAFFECTED PRODUCTS AND SOLUTION\u003c/p\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eAffected Product\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eFirst Known in firmware revision\u003c/td\u003e\u003ctd\u003eCorrected in firmware revision\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eControlLogix\u00ae 5580\u003c/td\u003e\u003ctd\u003eV28.011\u003c/td\u003e\u003ctd\u003eV33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eControlLogix\u00ae 5580 Process\u003c/td\u003e\u003ctd\u003eV33.011\u003c/td\u003e\u003ctd\u003eV33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGuardLogix 5580\u003c/td\u003e\u003ctd\u003eV31.011\u003c/td\u003e\u003ctd\u003e\u0026nbsp;V33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCompactLogix 5380\u003c/td\u003e\u003ctd\u003eV28.011\u003c/td\u003e\u003ctd\u003e\u0026nbsp;V33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCompact GuardLogix 5380 SIL 2\u003c/td\u003e\u003ctd\u003eV31.011\u003c/td\u003e\u003ctd\u003eV33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCompact GuardLogix 5380 SIL 3\u003c/td\u003e\u003ctd\u003eV32.013\u003c/td\u003e\u003ctd\u003eV33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCompactLogix 5480\u003c/td\u003e\u003ctd\u003eV32.011\u003c/td\u003e\u003ctd\u003eV33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eFactoryTalk\u00ae Logix Echo \u003c/td\u003e\u003ctd\u003eV33.011\u003c/td\u003e\u003ctd\u003eV34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\n\n\u003cbr\u003e"
}
],
"value": "AFFECTED PRODUCTS AND SOLUTION\n\nAffected Product\nFirst Known in firmware revisionCorrected in firmware revisionControlLogix\u00ae 5580V28.011V33.017, V34.014, V35.013, V36.011 and laterControlLogix\u00ae 5580 ProcessV33.011V33.017, V34.014, V35.013, V36.011 and laterGuardLogix 5580V31.011\u00a0V33.017, V34.014, V35.013, V36.011 and laterCompactLogix 5380V28.011\u00a0V33.017, V34.014, V35.013, V36.011 and laterCompact GuardLogix 5380 SIL 2V31.011V33.017, V34.014, V35.013, V36.011 and laterCompact GuardLogix 5380 SIL 3V32.013V33.017, V34.014, V35.013, V36.011 and laterCompactLogix 5480V32.011V33.017, V34.014, V35.013, V36.011 and laterFactoryTalk\u00ae Logix Echo V33.011V34.014, V35.013, V36.011 and later"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-6207",
"datePublished": "2024-10-14T20:53:49.191Z",
"dateReserved": "2024-06-20T16:08:17.052Z",
"dateUpdated": "2024-10-15T14:43:19.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8626 (GCVE-0-2024-8626)
Vulnerability from cvelistv5 – Published: 2024-10-08 16:35 – Updated: 2024-10-08 17:36
VLAI?
Summary
Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover.
Severity ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | CompactLogix 5380 controllers |
Affected:
v33.011 <
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.015",
"status": "affected",
"version": "33.011",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compact_guardlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.015",
"status": "affected",
"version": "33.011",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix_5480_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.015",
"status": "affected",
"version": "33.011",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "guardlogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.015",
"status": "affected",
"version": "33.001",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:3.002:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "1756-en4tr_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "3.002"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8626",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T17:29:59.695076Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T17:36:25.719Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v33.011 \u003c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix\u00ae 5380 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v33.011\u003c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5480 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v33.011\u003c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v33.011\u003c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN4TR",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v3.002"
}
]
}
],
"datePublic": "2024-10-08T16:24:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover. \u003c/span\u003e"
}
],
"value": "Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover."
}
],
"impacts": [
{
"capecId": "CAPEC-124",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-124 Shared Resource Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T16:35:04.513Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1706.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cbr\u003eAffected Product\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eFirst Known in firmware Revision\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCorrected in Firmware Revision\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5380 controllers\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.011 \u0026lt;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd rowspan=\"5\"\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003ev33.015 and later for versions 33\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003ev34.011 and later\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompact GuardLogix\u00ae 5380 controllers\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.011\u0026lt;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5480 controllers\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.011\u0026lt;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eControlLogix 5580 controllers\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.011\u0026lt;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eGuardLogix 5580 controllers\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.011\u0026lt;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e1756-EN4TR\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev3.002\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e4.001 and later\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\n\n\u003cp\u003eMitigations and Workarounds \u003c/p\u003e\u003cp\u003eCustomers using the affected versions are encouraged to upgrade to corrected firmware versions. We also strongly encourage customers to implement our suggested security best practices to minimize the risk of the vulnerability. \u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u0026nbsp;\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "Affected Product\u00a0\n\n\u00a0\n\n\u00a0\n\nFirst Known in firmware Revision\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCorrected in Firmware Revision\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5380 controllers\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.011 \u003c\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n * v33.015 and later for versions 33\n\n\n\n\n\u00a0\n\n\u00a0\n\n * v34.011 and later\n\n\n\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompact GuardLogix\u00ae 5380 controllers\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.011\u003c\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5480 controllers\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.011\u003c\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nControlLogix 5580 controllers\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.011\u003c\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nGuardLogix 5580 controllers\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.011\u003c\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n1756-EN4TR\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv3.002\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n * 4.001 and later\n\n\n\n\n\u00a0\n\n\u00a0\n\n\n\n\nMitigations and Workarounds \n\nCustomers using the affected versions are encouraged to upgrade to corrected firmware versions. We also strongly encourage customers to implement our suggested security best practices to minimize the risk of the vulnerability. \n\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
}
],
"source": {
"advisory": "SD1706",
"discovery": "EXTERNAL"
},
"title": "Logix Controllers Vulnerable to Denial-of-Service Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-8626",
"datePublished": "2024-10-08T16:35:04.513Z",
"dateReserved": "2024-09-09T20:33:30.575Z",
"dateUpdated": "2024-10-08T17:36:25.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6077 (GCVE-0-2024-6077)
Vulnerability from cvelistv5 – Published: 2024-09-12 19:59 – Updated: 2024-09-12 21:01
VLAI?
Summary
A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | CompactLogix 5380 |
Affected:
v.32 .011
|
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil3_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "compactlogix_5480_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "32 .011",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:compactlogix_5380_process_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "compactlogix_5380_process_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "33.011",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "compact_guardlogix_5380_sil2_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "32.013",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:1756-en4_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "1756-en4_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "6.001",
"status": "affected",
"version": "2.001",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6077",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-12T20:22:58.224200Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T21:01:50.254Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.32 .011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380 Process",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.33.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix 5380 SIL 2",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.32.013"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix 5380 SIL 3",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.32.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5480",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.32.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.32.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580 Process",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.33.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.32.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN4",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v2.001"
}
]
}
],
"datePublic": "2024-09-12T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover. \u003c/span\u003e"
}
],
"value": "A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T20:07:19.806Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1963.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eAffected Family \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eFirst Known in Software/Firmware Version\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCorrected in Software/Firmware Version\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5380\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32 .011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5380 Process \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.33.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompact GuardLogix 5380 SIL 2 \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32.013\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompact GuardLogix 5380 SIL 3 \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5480 \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eControlLogix\u00ae 5580 \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eControlLogix\u00ae 5580 Process \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.33.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eGuardLogix 5580 \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e1756-EN4\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev2.001\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev6.001 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\n\n\n\n\u003cp\u003eMitigations and Workarounds \u003cbr\u003eCustomers who are unable to upgrade to the corrected software versions are encouraged to apply the following risk mitigations. \u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eUsers who do not wish to use CIP security can disable the feature per device. See \"Disable CIP Security\" in Chapter 2 of \"CIP Security with Rockwell Automation Products\" (publication SECURE-AT001)\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor information on how to mitigate Security Risks on industrial automation control systems, we encourage customers to implement our suggested \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003esecurity best practices\u003c/a\u003e\u0026nbsp;to minimize the risk of the vulnerability. Customers can use \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc\"\u003eStakeholder-Specific Vulnerability Categorization\u003c/a\u003e\u0026nbsp;to generate more environment-specific prioritization.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Affected Family \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nFirst Known in Software/Firmware Version\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCorrected in Software/Firmware Version\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5380\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32 .011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5380 Process \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.33.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompact GuardLogix 5380 SIL 2 \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32.013\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompact GuardLogix 5380 SIL 3 \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5480 \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nControlLogix\u00ae 5580 \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nControlLogix\u00ae 5580 Process \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.33.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nGuardLogix 5580 \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n1756-EN4\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv2.001\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv6.001 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\n\n\n\nMitigations and Workarounds \nCustomers who are unable to upgrade to the corrected software versions are encouraged to apply the following risk mitigations. \n\n * Users who do not wish to use CIP security can disable the feature per device. See \"Disable CIP Security\" in Chapter 2 of \"CIP Security with Rockwell Automation Products\" (publication SECURE-AT001)\n\n\n\n\nFor information on how to mitigate Security Risks on industrial automation control systems, we encourage customers to implement our suggested security best practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight \u00a0to minimize the risk of the vulnerability. Customers can use Stakeholder-Specific Vulnerability Categorization https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc \u00a0to generate more environment-specific prioritization."
}
],
"source": {
"advisory": "SD1963",
"discovery": "INTERNAL"
},
"title": "Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix\u00ae 5380 Vulnerable to DoS vulnerability via CIP",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-6077",
"datePublished": "2024-09-12T19:59:40.368Z",
"dateReserved": "2024-06-17T16:21:32.155Z",
"dateUpdated": "2024-09-12T21:01:50.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40619 (GCVE-0-2024-40619)
Vulnerability from cvelistv5 – Published: 2024-08-14 19:52 – Updated: 2024-08-19 18:09
VLAI?
Summary
CVE-2024-40619 IMPACT
A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service.
Severity ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | ControlLogix® 5580 |
Affected:
34.011
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:34.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "controllogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:34.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "guardlogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40619",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T18:07:51.286682Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T18:09:56.543Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
}
],
"datePublic": "2024-08-13T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cb\u003e\u003cu\u003eCVE-2024-40619 IMPACT\u003c/u\u003e\u003c/b\u003e\u003c/p\u003e\u003cp\u003eA denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service.\u003c/p\u003e"
}
],
"value": "CVE-2024-40619 IMPACT\n\nA denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T19:52:24.833Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201690.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to v34.014 and later"
}
],
"value": "Upgrade to v34.014 and later"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rockwell Automation GuardLogix/ControlLogix 5580 Controller denial-of-service Vulnerability via Malformed Packet Handling",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-40619",
"datePublished": "2024-08-14T19:52:24.833Z",
"dateReserved": "2024-07-08T14:58:18.171Z",
"dateUpdated": "2024-08-19T18:09:56.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7515 (GCVE-0-2024-7515)
Vulnerability from cvelistv5 – Published: 2024-08-14 19:40 – Updated: 2024-08-14 19:59
VLAI?
Summary
CVE-2024-7515 IMPACT
A denial-of-service vulnerability exists in the affected products. A malformed PTP management packet can cause a major nonrecoverable fault in the controller.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | CompactLogix 5380 (5069-L3z) |
Affected:
28.011
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:v28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "v28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:v28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "controllogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "v28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "guardlogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compact_guardlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix_5480_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7515",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T19:54:17.968076Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T19:59:57.056Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380 (5069-L3z)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580 (1756- L8z)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580 (1756- L8zS)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix 5380 (5069 \u2013 L3zS2)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5480 (5069-L4)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
}
],
"datePublic": "2024-08-13T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cb\u003e\u003cu\u003eCVE-2024-7515 IMPACT\u003c/u\u003e\u003c/b\u003e\u003c/p\u003e\u003cp\u003eA denial-of-service vulnerability exists in the affected products. A malformed PTP management packet can cause a major nonrecoverable fault in the controller.\u003c/p\u003e"
}
],
"value": "CVE-2024-7515 IMPACT\n\nA denial-of-service vulnerability exists in the affected products. A malformed PTP management packet can cause a major nonrecoverable fault in the controller."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T19:40:20.990Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201686.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to:\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ev36.011, v35.013, v34.014\u003c/span\u003e"
}
],
"value": "Upgrade to:\u00a0\n\nv36.011, v35.013, v34.014"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix\u00ae 5380 Controller Denial-of-Service Vulnerability via Input Validation",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIf PTP messages are not used, block at the network level, port UDP 319/320\u003c/p\u003e"
}
],
"value": "If PTP messages are not used, block at the network level, port UDP 319/320"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-7515",
"datePublished": "2024-08-14T19:40:20.990Z",
"dateReserved": "2024-08-05T20:19:29.235Z",
"dateUpdated": "2024-08-14T19:59:57.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7507 (GCVE-0-2024-7507)
Vulnerability from cvelistv5 – Published: 2024-08-14 19:35 – Updated: 2024-08-15 14:37
VLAI?
Summary
CVE-2024-7507 IMPACT
A denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received, causing a fault in the controller.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | CompactLogix 5380 (5069 – L3z) |
Affected:
28.011
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5380_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "controllogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "controllogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "guardlogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compact_guardlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix_5480_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7507",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T14:32:59.595579Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T14:37:58.421Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380 (5069 \u2013 L3z)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580 (1756 \u2013L8z)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580 (1756-L8z)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix 5380 (5069- L3zS2)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5480 (5069-L4)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
}
],
"datePublic": "2024-08-13T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cb\u003e\u003cu\u003eCVE-2024-7507 IMPACT\u003c/u\u003e\u003c/b\u003e\u003c/p\u003e\u003cp\u003eA denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received, causing a fault in the controller.\u003c/p\u003e"
}
],
"value": "CVE-2024-7507 IMPACT\n\nA denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received, causing a fault in the controller."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T19:35:55.326Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201685.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUpgrade to:\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ev36.011, v35.013, v34.014\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\n\n\u003cbr\u003e\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "Upgrade to:\u00a0\n\nv36.011, v35.013, v34.014"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix\u00ae 5380 Controller Denial-of-Service Vulnerability via Input Validation",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRestrict communication to CIP object 103 (0x67)\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Restrict communication to CIP object 103 (0x67)"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-7507",
"datePublished": "2024-08-14T19:35:55.326Z",
"dateReserved": "2024-08-05T20:04:40.970Z",
"dateUpdated": "2024-08-15T14:37:58.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5659 (GCVE-0-2024-5659)
Vulnerability from cvelistv5 – Published: 2024-06-14 16:42 – Updated: 2024-08-01 21:18
VLAI?
Summary
Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device would be compromised.
Severity ?
CWE
- CWE-670 - Always-Incorrect Control Flow Implementation
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | ControlLogix® 5580 |
Affected:
34.011
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "controllogix_5580",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"cpes": [
"cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "guardlogix_5580",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"cpes": [
"cpe:2.3:a:rockwellautomation:1756_en4:0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "1756_en4",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "4.001"
}
]
},
{
"cpes": [
"cpe:2.3:a:rockwellautomation:compact_logix_5480:34.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compact_logix_5480",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"cpes": [
"cpe:2.3:a:rockwellautomation:compact_guardlogix_5480:34.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compact_guardlogix_5480",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"cpes": [
"cpe:2.3:h:rockwellautomation:compactlogix:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "5480"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5659",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-15T19:57:53.882617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-15T20:23:20.243Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:06.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN4",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "4.001"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix 5380",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5480",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
}
],
"datePublic": "2024-06-13T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eabnormal packets to the \u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003emDNS port.\u0026nbsp;\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIf exploited, the availability of the device would be compromised.\u003c/span\u003e\n\n"
}
],
"value": "Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port.\u00a0If exploited, the availability of the device would be compromised."
}
],
"impacts": [
{
"capecId": "CAPEC-624",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-624 Hardware Fault Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-670",
"description": "CWE-670 Always-Incorrect Control Flow Implementation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T16:42:20.699Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eAffected Product\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eFirst Known in firmware revision\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eCorrected in firmware revision\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eControlLogix\u00ae 5580\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eGuardLogix 5580\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later \u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e1756-EN4\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV4.001\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV6.001 and later\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eCompactLogix 5380\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later \u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eCompact GuardLogix \u003c/a\u003e\u003cb\u003e\u0026nbsp;\u003c/b\u003e5380\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later \u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eCompactLogix 5480\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\n\n\u003cp\u003e\u003cb\u003eMitigations and Workarounds\u003c/b\u003e\u003c/p\u003e\u003cp\u003eUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply the risk mitigations, where possible.\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; Users who do not use \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eAutomatic Policy Deployment (APD)\u003c/a\u003e\u0026nbsp;should block \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003emDNS port, 5353\u003c/a\u003e\u0026nbsp;to help prevent communication.\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; Enable CIP \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eSecurity. \u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://literature.rockwellautomation.com/idc/groups/literature/documents/at/secure-at001_-en-p.pdf\"\u003eCIP Security with Rockwell Automation Products Application Technique\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Affected Product\n\nFirst Known in firmware revision\n\nCorrected in firmware revision\n\nControlLogix\u00ae 5580\n\nV34.011\n\nV34.014, V35.013, V36.011 and later\n\nGuardLogix 5580\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\n1756-EN4\n\nV4.001\n\nV6.001 and later\n\nCompactLogix 5380\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\nCompact GuardLogix \u00a05380\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\nCompactLogix 5480\n\nV34.011\n\nV34.014, V35.013, V36.011 and later\n\n\n\n\nMitigations and Workarounds\n\nUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply the risk mitigations, where possible.\n\n\u00b7 \u00a0 \u00a0 \u00a0 Users who do not use CIP Security with Rockwell Automation Products Application Technique https://literature.rockwellautomation.com/idc/groups/literature/documents/at/secure-at001_-en-p.pdf \n\n\u00b7 \u00a0 \u00a0 \u00a0 Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Rockwell Automation Multicast Request Causes major nonrecoverable fault on Select Controllers",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-5659",
"datePublished": "2024-06-14T16:42:20.699Z",
"dateReserved": "2024-06-05T16:47:18.275Z",
"dateUpdated": "2024-08-01T21:18:06.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3493 (GCVE-0-2024-3493)
Vulnerability from cvelistv5 – Published: 2024-04-15 21:17 – Updated: 2024-08-12 15:16
VLAI?
Summary
A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices.
Severity ?
8.6 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | ControlLogix 5580 |
Affected:
v35.011
|
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:07.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:35.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "guardlogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "35.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:5.001:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "35.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:5.001:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "1756-en4tr_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "5.001"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:5.001:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "1756-en4tr_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "5.001"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3493",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T15:09:28.736089Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T15:16:08.155Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ControlLogix 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v35.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v35.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v5.001"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN4TR",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v5.001"
}
]
}
],
"datePublic": "2024-04-12T01:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation\u0027s ControlLogix 5580, Guard Logix\u0026nbsp;5580,\u0026nbsp;CompactLogix 5380,\u0026nbsp;and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices. \u003c/span\u003e\n\n"
}
],
"value": "\nA specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation\u0027s ControlLogix 5580, Guard Logix\u00a05580,\u00a0CompactLogix 5380,\u00a0and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices. \n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137 Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-15T21:29:33.269Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003e\n\n\u003c/p\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cbr\u003eAffected Product\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eFirst Known in Firmware Revision\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCorrected in Firmware Revision\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eControlLogix\u00ae 5580\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV35.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV35.013, V36.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eGuardLogix 5580\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV35.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV35.013, V36.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5380\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV35.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV35.013, V36.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e1756-EN4TR\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV5.001\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV6.001\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\n\n\u003cbr\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.\u202f\u202f\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u0026nbsp;\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nAffected Product\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nFirst Known in Firmware Revision\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCorrected in Firmware Revision\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nControlLogix\u00ae 5580\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.013, V36.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nGuardLogix 5580\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.013, V36.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5380\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.013, V36.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n1756-EN4TR\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV5.001\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV6.001\n\n\u00a0\n\n\u00a0\n\nUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.\u202f\u202f\n\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight \u00a0\n\n"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rockwell Automation ControlLogix and GaurdLogix Vulnerable to Major Nonrecoverable Fault Due to Invalid Header Value",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-3493",
"datePublished": "2024-04-15T21:17:36.077Z",
"dateReserved": "2024-04-08T21:46:38.867Z",
"dateUpdated": "2024-08-12T15:16:08.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1797 (GCVE-0-2022-1797)
Vulnerability from cvelistv5 – Published: 2022-05-31 19:04 – Updated: 2025-04-16 16:17
VLAI?
Summary
A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online.
Severity ?
6.8 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | CompactLogix 5380 controllers |
Affected:
unspecified , ≤ 32.013
(custom)
|
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
Credits
Rockwell Automation discovered this vulnerability during routine security testing and reported it to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:16:59.935Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-1797",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:51:38.108033Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:17:49.601Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CompactLogix 5380 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "32.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Compact GuardLogix 5380 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "32.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "CompactLogix 5480 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "32.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "ControlLogix 5580 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "32.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "GuardLogix 5580 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "32.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "CompactLogix 5370 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "33.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Compact GuardLogix 5370 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "33.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "ControlLogix 5570 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "33.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "GuardLogix 5570 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "33.013"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Rockwell Automation discovered this vulnerability during routine security testing and reported it to CISA."
}
],
"descriptions": [
{
"lang": "en",
"value": "A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-31T19:04:44.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
}
],
"solutions": [
{
"lang": "en",
"value": "Rockwell Automation recommends users update to the latest firmware version to mitigate this vulnerability. Users are directed towards the risk mitigation provided below and are encouraged (where possible) to combine these with the general security guidelines below to employ multiple strategies simultaneously. Users should go to Rockwell Automation\u0027s Product Compatibility \u0026 Download Center to download the latest firmware.\n\nCompactLogix 5380, Compact GuardLogix 5380, CompactLogix 5480, ControlLogix 5580, GuardLogix 5580: Upgrade to v33.011 firmware\nCompactLogix 5370, Compact GuardLogix 5370, ControlLogix 5570, GuardLogix 5570: Upgrade to v34.011 firmware\n\nPlease see Rockwell Automation\u2019s security advisory PN1596 for more information.\nhttps://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rockwell Automation Logix Controllers Uncontrolled Resource Consumption",
"workarounds": [
{
"lang": "en",
"value": "If upgrading is not possible, Rockwell Automation recommends the following mitigations:\nUse of Microsoft AppLocker or other similar allow list applications can help mitigate risk. Information on using AppLocker with products from Rockwell Automation is available in Knowledgebase article QA17329.\nConfirm the least-privilege user principle is followed, and user/service account access to shared resources (such as a database) is only granted with a minimum number of rights as needed.\n\nPlease see Rockwell Automation\u2019s security advisory PN1596 for more information.\nhttps://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2022-1797",
"STATE": "PUBLIC",
"TITLE": "Rockwell Automation Logix Controllers Uncontrolled Resource Consumption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CompactLogix 5380 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "32.013"
}
]
}
},
{
"product_name": "Compact GuardLogix 5380 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": " 32.013"
}
]
}
},
{
"product_name": "CompactLogix 5480 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "32.013"
}
]
}
},
{
"product_name": "ControlLogix 5580 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "32.013"
}
]
}
},
{
"product_name": "GuardLogix 5580 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "32.013"
}
]
}
},
{
"product_name": "CompactLogix 5370 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "33.013"
}
]
}
},
{
"product_name": "Compact GuardLogix 5370 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "33.013"
}
]
}
},
{
"product_name": "ControlLogix 5570 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "33.013"
}
]
}
},
{
"product_name": "GuardLogix 5570 controllers",
"version": {
"version_data": [
{
"version_value": "33.013"
}
]
}
}
]
},
"vendor_name": "Rockwell Automation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Rockwell Automation discovered this vulnerability during routine security testing and reported it to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-01",
"refsource": "CONFIRM",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-01"
},
{
"name": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559",
"refsource": "CONFIRM",
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
}
]
},
"solution": [
{
"lang": "en",
"value": "Rockwell Automation recommends users update to the latest firmware version to mitigate this vulnerability. Users are directed towards the risk mitigation provided below and are encouraged (where possible) to combine these with the general security guidelines below to employ multiple strategies simultaneously. Users should go to Rockwell Automation\u0027s Product Compatibility \u0026 Download Center to download the latest firmware.\n\nCompactLogix 5380, Compact GuardLogix 5380, CompactLogix 5480, ControlLogix 5580, GuardLogix 5580: Upgrade to v33.011 firmware\nCompactLogix 5370, Compact GuardLogix 5370, ControlLogix 5570, GuardLogix 5570: Upgrade to v34.011 firmware\n\nPlease see Rockwell Automation\u2019s security advisory PN1596 for more information.\nhttps://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
}
],
"source": {
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "If upgrading is not possible, Rockwell Automation recommends the following mitigations:\nUse of Microsoft AppLocker or other similar allow list applications can help mitigate risk. Information on using AppLocker with products from Rockwell Automation is available in Knowledgebase article QA17329.\nConfirm the least-privilege user principle is followed, and user/service account access to shared resources (such as a database) is only granted with a minimum number of rights as needed.\n\nPlease see Rockwell Automation\u2019s security advisory PN1596 for more information.\nhttps://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-1797",
"datePublished": "2022-05-31T19:04:44.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:17:49.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9166 (GCVE-0-2025-9166)
Vulnerability from nvd – Published: 2025-09-09 12:36 – Updated: 2025-09-09 13:07
VLAI?
Summary
A denial-of-service security issue exists in the affected product and version. The security issue stems from the controller repeatedly attempting to forward messages. The issue could result in a major nonrecoverable fault on the controller.
Severity ?
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Rockwell Automation | ControlLogix® 5580 |
Affected:
Version 35.013
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9166",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-09T13:07:34.637649Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T13:07:58.099Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "Version 35.013"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service security issue exists in the affected product and version. The security issue stems from the controller \u003cspan style=\"background-color: rgba(209, 209, 209, 0.5);\"\u003erepeate\u003c/span\u003e\u003cspan style=\"background-color: rgba(209, 209, 209, 0.5);\"\u003edly \u003c/span\u003e\u003cspan style=\"background-color: rgba(209, 209, 209, 0.5);\"\u003eattempting\u003c/span\u003e\u003cspan style=\"background-color: rgba(209, 209, 209, 0.5);\"\u003e to\u003c/span\u003e \u003cspan style=\"background-color: rgba(209, 209, 209, 0.5);\"\u003eforward\u003c/span\u003e\u003cspan style=\"background-color: rgba(209, 209, 209, 0.5);\"\u003e messages\u003c/span\u003e. The issue could result in a major nonrecoverable fault on the controller.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "A denial-of-service security issue exists in the affected product and version. The security issue stems from the controller repeatedly attempting to forward messages. The issue could result in a major nonrecoverable fault on the controller."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T12:36:15.177Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1747.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVersion 35.014 and later.\u003c/span\u003e"
}
],
"value": "Upgrade to\u00a0\n\nVersion 35.014 and later."
}
],
"source": {
"advisory": "SD1747",
"discovery": "INTERNAL"
},
"title": "Rockwell Automation ControlLogix\u00ae 5580 V35.013 Denial-Of-Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2025-9166",
"datePublished": "2025-09-09T12:36:15.177Z",
"dateReserved": "2025-08-19T13:36:05.494Z",
"dateUpdated": "2025-09-09T13:07:58.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6207 (GCVE-0-2024-6207)
Vulnerability from nvd – Published: 2024-10-14 20:53 – Updated: 2024-10-15 14:43
VLAI?
Summary
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | ControlLogix® 5580 |
Affected:
V28.011
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "compactlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "28.011",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "controllogix_5580_process_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "33.011",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "guardlogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "31.011",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "controllogix_5580_process_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "32.011",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil3_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "compact_guardlogix_5380_sil3_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "32.013",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:rockwellautomation:factorytalk_logix_echo:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "factorytalk_logix_echo",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "34.014",
"status": "affected",
"version": "33.011",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6207",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T14:11:41.281080Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T14:43:19.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580 Process",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V33.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V31.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix 5380 SIL 2",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V31.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix 5380 SIL 3",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V32.013"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5480",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V32.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FactoryTalk\u00ae Logix Echo",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V33.011"
}
]
}
],
"datePublic": "2024-10-10T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eCVE-2024-6207\u003c/a\u003e\u0026nbsp;IMPACT\u003c/p\u003e\u003cp\u003eA denial-of-service vulnerability exists in the affected products that will cause the device to result in a major nonrecoverable fault (MNRF) when it receives an invalid CIP request. To exploit this vulnerability a malicious user must chain this exploits with \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html\"\u003eCVE 2021-22681\u003c/a\u003e\u0026nbsp;and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running. \u003c/p\u003e"
}
],
"value": "CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html \u00a0and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-14T20:53:49.191Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1707.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAFFECTED PRODUCTS AND SOLUTION\u003c/p\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eAffected Product\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eFirst Known in firmware revision\u003c/td\u003e\u003ctd\u003eCorrected in firmware revision\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eControlLogix\u00ae 5580\u003c/td\u003e\u003ctd\u003eV28.011\u003c/td\u003e\u003ctd\u003eV33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eControlLogix\u00ae 5580 Process\u003c/td\u003e\u003ctd\u003eV33.011\u003c/td\u003e\u003ctd\u003eV33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGuardLogix 5580\u003c/td\u003e\u003ctd\u003eV31.011\u003c/td\u003e\u003ctd\u003e\u0026nbsp;V33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCompactLogix 5380\u003c/td\u003e\u003ctd\u003eV28.011\u003c/td\u003e\u003ctd\u003e\u0026nbsp;V33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCompact GuardLogix 5380 SIL 2\u003c/td\u003e\u003ctd\u003eV31.011\u003c/td\u003e\u003ctd\u003eV33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCompact GuardLogix 5380 SIL 3\u003c/td\u003e\u003ctd\u003eV32.013\u003c/td\u003e\u003ctd\u003eV33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCompactLogix 5480\u003c/td\u003e\u003ctd\u003eV32.011\u003c/td\u003e\u003ctd\u003eV33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eFactoryTalk\u00ae Logix Echo \u003c/td\u003e\u003ctd\u003eV33.011\u003c/td\u003e\u003ctd\u003eV34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\n\n\u003cbr\u003e"
}
],
"value": "AFFECTED PRODUCTS AND SOLUTION\n\nAffected Product\nFirst Known in firmware revisionCorrected in firmware revisionControlLogix\u00ae 5580V28.011V33.017, V34.014, V35.013, V36.011 and laterControlLogix\u00ae 5580 ProcessV33.011V33.017, V34.014, V35.013, V36.011 and laterGuardLogix 5580V31.011\u00a0V33.017, V34.014, V35.013, V36.011 and laterCompactLogix 5380V28.011\u00a0V33.017, V34.014, V35.013, V36.011 and laterCompact GuardLogix 5380 SIL 2V31.011V33.017, V34.014, V35.013, V36.011 and laterCompact GuardLogix 5380 SIL 3V32.013V33.017, V34.014, V35.013, V36.011 and laterCompactLogix 5480V32.011V33.017, V34.014, V35.013, V36.011 and laterFactoryTalk\u00ae Logix Echo V33.011V34.014, V35.013, V36.011 and later"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-6207",
"datePublished": "2024-10-14T20:53:49.191Z",
"dateReserved": "2024-06-20T16:08:17.052Z",
"dateUpdated": "2024-10-15T14:43:19.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8626 (GCVE-0-2024-8626)
Vulnerability from nvd – Published: 2024-10-08 16:35 – Updated: 2024-10-08 17:36
VLAI?
Summary
Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover.
Severity ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | CompactLogix 5380 controllers |
Affected:
v33.011 <
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.015",
"status": "affected",
"version": "33.011",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compact_guardlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.015",
"status": "affected",
"version": "33.011",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix_5480_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.015",
"status": "affected",
"version": "33.011",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "guardlogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.015",
"status": "affected",
"version": "33.001",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:3.002:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "1756-en4tr_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "3.002"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8626",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T17:29:59.695076Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T17:36:25.719Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v33.011 \u003c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix\u00ae 5380 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v33.011\u003c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5480 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v33.011\u003c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v33.011\u003c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN4TR",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v3.002"
}
]
}
],
"datePublic": "2024-10-08T16:24:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover. \u003c/span\u003e"
}
],
"value": "Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover."
}
],
"impacts": [
{
"capecId": "CAPEC-124",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-124 Shared Resource Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T16:35:04.513Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1706.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cbr\u003eAffected Product\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eFirst Known in firmware Revision\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCorrected in Firmware Revision\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5380 controllers\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.011 \u0026lt;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd rowspan=\"5\"\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003ev33.015 and later for versions 33\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003ev34.011 and later\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompact GuardLogix\u00ae 5380 controllers\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.011\u0026lt;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5480 controllers\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.011\u0026lt;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eControlLogix 5580 controllers\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.011\u0026lt;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eGuardLogix 5580 controllers\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.011\u0026lt;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e1756-EN4TR\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev3.002\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e4.001 and later\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\n\n\u003cp\u003eMitigations and Workarounds \u003c/p\u003e\u003cp\u003eCustomers using the affected versions are encouraged to upgrade to corrected firmware versions. We also strongly encourage customers to implement our suggested security best practices to minimize the risk of the vulnerability. \u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u0026nbsp;\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "Affected Product\u00a0\n\n\u00a0\n\n\u00a0\n\nFirst Known in firmware Revision\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCorrected in Firmware Revision\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5380 controllers\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.011 \u003c\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n * v33.015 and later for versions 33\n\n\n\n\n\u00a0\n\n\u00a0\n\n * v34.011 and later\n\n\n\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompact GuardLogix\u00ae 5380 controllers\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.011\u003c\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5480 controllers\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.011\u003c\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nControlLogix 5580 controllers\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.011\u003c\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nGuardLogix 5580 controllers\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.011\u003c\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n1756-EN4TR\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv3.002\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n * 4.001 and later\n\n\n\n\n\u00a0\n\n\u00a0\n\n\n\n\nMitigations and Workarounds \n\nCustomers using the affected versions are encouraged to upgrade to corrected firmware versions. We also strongly encourage customers to implement our suggested security best practices to minimize the risk of the vulnerability. \n\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
}
],
"source": {
"advisory": "SD1706",
"discovery": "EXTERNAL"
},
"title": "Logix Controllers Vulnerable to Denial-of-Service Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-8626",
"datePublished": "2024-10-08T16:35:04.513Z",
"dateReserved": "2024-09-09T20:33:30.575Z",
"dateUpdated": "2024-10-08T17:36:25.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6077 (GCVE-0-2024-6077)
Vulnerability from nvd – Published: 2024-09-12 19:59 – Updated: 2024-09-12 21:01
VLAI?
Summary
A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | CompactLogix 5380 |
Affected:
v.32 .011
|
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil3_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "compactlogix_5480_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "32 .011",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:rockwellautomation:compactlogix_5380_process_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "compactlogix_5380_process_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "33.011",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "compact_guardlogix_5380_sil2_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "33.017",
"status": "affected",
"version": "32.013",
"versionType": "custom"
},
{
"lessThan": "34.014",
"status": "affected",
"version": "34.0",
"versionType": "custom"
},
{
"lessThan": "35.013",
"status": "affected",
"version": "35.0",
"versionType": "custom"
},
{
"lessThan": "36.011",
"status": "affected",
"version": "36.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:1756-en4_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "1756-en4_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"lessThan": "6.001",
"status": "affected",
"version": "2.001",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6077",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-12T20:22:58.224200Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T21:01:50.254Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.32 .011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380 Process",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.33.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix 5380 SIL 2",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.32.013"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix 5380 SIL 3",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.32.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5480",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.32.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.32.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580 Process",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.33.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v.32.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN4",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v2.001"
}
]
}
],
"datePublic": "2024-09-12T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover. \u003c/span\u003e"
}
],
"value": "A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T20:07:19.806Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1963.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eAffected Family \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eFirst Known in Software/Firmware Version\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCorrected in Software/Firmware Version\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5380\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32 .011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5380 Process \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.33.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompact GuardLogix 5380 SIL 2 \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32.013\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompact GuardLogix 5380 SIL 3 \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5480 \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eControlLogix\u00ae 5580 \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eControlLogix\u00ae 5580 Process \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.33.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eGuardLogix 5580 \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e1756-EN4\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev2.001\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev6.001 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\n\n\n\n\u003cp\u003eMitigations and Workarounds \u003cbr\u003eCustomers who are unable to upgrade to the corrected software versions are encouraged to apply the following risk mitigations. \u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eUsers who do not wish to use CIP security can disable the feature per device. See \"Disable CIP Security\" in Chapter 2 of \"CIP Security with Rockwell Automation Products\" (publication SECURE-AT001)\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor information on how to mitigate Security Risks on industrial automation control systems, we encourage customers to implement our suggested \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003esecurity best practices\u003c/a\u003e\u0026nbsp;to minimize the risk of the vulnerability. Customers can use \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc\"\u003eStakeholder-Specific Vulnerability Categorization\u003c/a\u003e\u0026nbsp;to generate more environment-specific prioritization.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Affected Family \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nFirst Known in Software/Firmware Version\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCorrected in Software/Firmware Version\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5380\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32 .011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5380 Process \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.33.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompact GuardLogix 5380 SIL 2 \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32.013\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompact GuardLogix 5380 SIL 3 \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5480 \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nControlLogix\u00ae 5580 \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nControlLogix\u00ae 5580 Process \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.33.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nGuardLogix 5580 \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n1756-EN4\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv2.001\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv6.001 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\n\n\n\nMitigations and Workarounds \nCustomers who are unable to upgrade to the corrected software versions are encouraged to apply the following risk mitigations. \n\n * Users who do not wish to use CIP security can disable the feature per device. See \"Disable CIP Security\" in Chapter 2 of \"CIP Security with Rockwell Automation Products\" (publication SECURE-AT001)\n\n\n\n\nFor information on how to mitigate Security Risks on industrial automation control systems, we encourage customers to implement our suggested security best practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight \u00a0to minimize the risk of the vulnerability. Customers can use Stakeholder-Specific Vulnerability Categorization https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc \u00a0to generate more environment-specific prioritization."
}
],
"source": {
"advisory": "SD1963",
"discovery": "INTERNAL"
},
"title": "Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix\u00ae 5380 Vulnerable to DoS vulnerability via CIP",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-6077",
"datePublished": "2024-09-12T19:59:40.368Z",
"dateReserved": "2024-06-17T16:21:32.155Z",
"dateUpdated": "2024-09-12T21:01:50.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40619 (GCVE-0-2024-40619)
Vulnerability from nvd – Published: 2024-08-14 19:52 – Updated: 2024-08-19 18:09
VLAI?
Summary
CVE-2024-40619 IMPACT
A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service.
Severity ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | ControlLogix® 5580 |
Affected:
34.011
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:34.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "controllogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:34.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "guardlogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40619",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T18:07:51.286682Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T18:09:56.543Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
}
],
"datePublic": "2024-08-13T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cb\u003e\u003cu\u003eCVE-2024-40619 IMPACT\u003c/u\u003e\u003c/b\u003e\u003c/p\u003e\u003cp\u003eA denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service.\u003c/p\u003e"
}
],
"value": "CVE-2024-40619 IMPACT\n\nA denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T19:52:24.833Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201690.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to v34.014 and later"
}
],
"value": "Upgrade to v34.014 and later"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rockwell Automation GuardLogix/ControlLogix 5580 Controller denial-of-service Vulnerability via Malformed Packet Handling",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-40619",
"datePublished": "2024-08-14T19:52:24.833Z",
"dateReserved": "2024-07-08T14:58:18.171Z",
"dateUpdated": "2024-08-19T18:09:56.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7515 (GCVE-0-2024-7515)
Vulnerability from nvd – Published: 2024-08-14 19:40 – Updated: 2024-08-14 19:59
VLAI?
Summary
CVE-2024-7515 IMPACT
A denial-of-service vulnerability exists in the affected products. A malformed PTP management packet can cause a major nonrecoverable fault in the controller.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | CompactLogix 5380 (5069-L3z) |
Affected:
28.011
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:v28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "v28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:v28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "controllogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "v28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "guardlogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compact_guardlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix_5480_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7515",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T19:54:17.968076Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T19:59:57.056Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380 (5069-L3z)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580 (1756- L8z)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580 (1756- L8zS)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix 5380 (5069 \u2013 L3zS2)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5480 (5069-L4)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
}
],
"datePublic": "2024-08-13T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cb\u003e\u003cu\u003eCVE-2024-7515 IMPACT\u003c/u\u003e\u003c/b\u003e\u003c/p\u003e\u003cp\u003eA denial-of-service vulnerability exists in the affected products. A malformed PTP management packet can cause a major nonrecoverable fault in the controller.\u003c/p\u003e"
}
],
"value": "CVE-2024-7515 IMPACT\n\nA denial-of-service vulnerability exists in the affected products. A malformed PTP management packet can cause a major nonrecoverable fault in the controller."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T19:40:20.990Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201686.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to:\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ev36.011, v35.013, v34.014\u003c/span\u003e"
}
],
"value": "Upgrade to:\u00a0\n\nv36.011, v35.013, v34.014"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix\u00ae 5380 Controller Denial-of-Service Vulnerability via Input Validation",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIf PTP messages are not used, block at the network level, port UDP 319/320\u003c/p\u003e"
}
],
"value": "If PTP messages are not used, block at the network level, port UDP 319/320"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-7515",
"datePublished": "2024-08-14T19:40:20.990Z",
"dateReserved": "2024-08-05T20:19:29.235Z",
"dateUpdated": "2024-08-14T19:59:57.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7507 (GCVE-0-2024-7507)
Vulnerability from nvd – Published: 2024-08-14 19:35 – Updated: 2024-08-15 14:37
VLAI?
Summary
CVE-2024-7507 IMPACT
A denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received, causing a fault in the controller.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | CompactLogix 5380 (5069 – L3z) |
Affected:
28.011
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5380_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "controllogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "controllogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "guardlogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compact_guardlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:28.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix_5480_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7507",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T14:32:59.595579Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T14:37:58.421Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380 (5069 \u2013 L3z)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580 (1756 \u2013L8z)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580 (1756-L8z)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix 5380 (5069- L3zS2)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5480 (5069-L4)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "28.011"
}
]
}
],
"datePublic": "2024-08-13T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cb\u003e\u003cu\u003eCVE-2024-7507 IMPACT\u003c/u\u003e\u003c/b\u003e\u003c/p\u003e\u003cp\u003eA denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received, causing a fault in the controller.\u003c/p\u003e"
}
],
"value": "CVE-2024-7507 IMPACT\n\nA denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received, causing a fault in the controller."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T19:35:55.326Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201685.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUpgrade to:\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ev36.011, v35.013, v34.014\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\n\n\u003cbr\u003e\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "Upgrade to:\u00a0\n\nv36.011, v35.013, v34.014"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix\u00ae 5380 Controller Denial-of-Service Vulnerability via Input Validation",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRestrict communication to CIP object 103 (0x67)\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Restrict communication to CIP object 103 (0x67)"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-7507",
"datePublished": "2024-08-14T19:35:55.326Z",
"dateReserved": "2024-08-05T20:04:40.970Z",
"dateUpdated": "2024-08-15T14:37:58.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5659 (GCVE-0-2024-5659)
Vulnerability from nvd – Published: 2024-06-14 16:42 – Updated: 2024-08-01 21:18
VLAI?
Summary
Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device would be compromised.
Severity ?
CWE
- CWE-670 - Always-Incorrect Control Flow Implementation
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | ControlLogix® 5580 |
Affected:
34.011
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "controllogix_5580",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"cpes": [
"cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "guardlogix_5580",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"cpes": [
"cpe:2.3:a:rockwellautomation:1756_en4:0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "1756_en4",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "4.001"
}
]
},
{
"cpes": [
"cpe:2.3:a:rockwellautomation:compact_logix_5480:34.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compact_logix_5480",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"cpes": [
"cpe:2.3:a:rockwellautomation:compact_guardlogix_5480:34.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compact_guardlogix_5480",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"cpes": [
"cpe:2.3:h:rockwellautomation:compactlogix:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "5480"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5659",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-15T19:57:53.882617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-15T20:23:20.243Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:06.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN4",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "4.001"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix 5380",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5480",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
}
],
"datePublic": "2024-06-13T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eabnormal packets to the \u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003emDNS port.\u0026nbsp;\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIf exploited, the availability of the device would be compromised.\u003c/span\u003e\n\n"
}
],
"value": "Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port.\u00a0If exploited, the availability of the device would be compromised."
}
],
"impacts": [
{
"capecId": "CAPEC-624",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-624 Hardware Fault Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-670",
"description": "CWE-670 Always-Incorrect Control Flow Implementation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T16:42:20.699Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eAffected Product\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eFirst Known in firmware revision\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eCorrected in firmware revision\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eControlLogix\u00ae 5580\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eGuardLogix 5580\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later \u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e1756-EN4\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV4.001\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV6.001 and later\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eCompactLogix 5380\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later \u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eCompact GuardLogix \u003c/a\u003e\u003cb\u003e\u0026nbsp;\u003c/b\u003e5380\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later \u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eCompactLogix 5480\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\n\n\u003cp\u003e\u003cb\u003eMitigations and Workarounds\u003c/b\u003e\u003c/p\u003e\u003cp\u003eUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply the risk mitigations, where possible.\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; Users who do not use \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eAutomatic Policy Deployment (APD)\u003c/a\u003e\u0026nbsp;should block \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003emDNS port, 5353\u003c/a\u003e\u0026nbsp;to help prevent communication.\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; Enable CIP \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eSecurity. \u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://literature.rockwellautomation.com/idc/groups/literature/documents/at/secure-at001_-en-p.pdf\"\u003eCIP Security with Rockwell Automation Products Application Technique\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Affected Product\n\nFirst Known in firmware revision\n\nCorrected in firmware revision\n\nControlLogix\u00ae 5580\n\nV34.011\n\nV34.014, V35.013, V36.011 and later\n\nGuardLogix 5580\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\n1756-EN4\n\nV4.001\n\nV6.001 and later\n\nCompactLogix 5380\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\nCompact GuardLogix \u00a05380\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\nCompactLogix 5480\n\nV34.011\n\nV34.014, V35.013, V36.011 and later\n\n\n\n\nMitigations and Workarounds\n\nUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply the risk mitigations, where possible.\n\n\u00b7 \u00a0 \u00a0 \u00a0 Users who do not use CIP Security with Rockwell Automation Products Application Technique https://literature.rockwellautomation.com/idc/groups/literature/documents/at/secure-at001_-en-p.pdf \n\n\u00b7 \u00a0 \u00a0 \u00a0 Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Rockwell Automation Multicast Request Causes major nonrecoverable fault on Select Controllers",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-5659",
"datePublished": "2024-06-14T16:42:20.699Z",
"dateReserved": "2024-06-05T16:47:18.275Z",
"dateUpdated": "2024-08-01T21:18:06.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3493 (GCVE-0-2024-3493)
Vulnerability from nvd – Published: 2024-04-15 21:17 – Updated: 2024-08-12 15:16
VLAI?
Summary
A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices.
Severity ?
8.6 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | ControlLogix 5580 |
Affected:
v35.011
|
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:07.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:35.011:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "guardlogix_5580_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "35.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:5.001:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "compactlogix_5380_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "35.011"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:5.001:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "1756-en4tr_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "5.001"
}
]
},
{
"cpes": [
"cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:5.001:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "1756-en4tr_firmware",
"vendor": "rockwellautomation",
"versions": [
{
"status": "affected",
"version": "5.001"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3493",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T15:09:28.736089Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T15:16:08.155Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ControlLogix 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v35.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v35.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v5.001"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN4TR",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v5.001"
}
]
}
],
"datePublic": "2024-04-12T01:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation\u0027s ControlLogix 5580, Guard Logix\u0026nbsp;5580,\u0026nbsp;CompactLogix 5380,\u0026nbsp;and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices. \u003c/span\u003e\n\n"
}
],
"value": "\nA specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation\u0027s ControlLogix 5580, Guard Logix\u00a05580,\u00a0CompactLogix 5380,\u00a0and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices. \n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137 Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-15T21:29:33.269Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003e\n\n\u003c/p\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cbr\u003eAffected Product\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eFirst Known in Firmware Revision\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCorrected in Firmware Revision\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eControlLogix\u00ae 5580\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV35.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV35.013, V36.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eGuardLogix 5580\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV35.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV35.013, V36.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5380\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV35.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV35.013, V36.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e1756-EN4TR\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV5.001\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eV6.001\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\n\n\u003cbr\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.\u202f\u202f\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u0026nbsp;\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nAffected Product\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nFirst Known in Firmware Revision\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCorrected in Firmware Revision\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nControlLogix\u00ae 5580\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.013, V36.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nGuardLogix 5580\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.013, V36.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5380\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.013, V36.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n1756-EN4TR\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV5.001\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV6.001\n\n\u00a0\n\n\u00a0\n\nUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.\u202f\u202f\n\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight \u00a0\n\n"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rockwell Automation ControlLogix and GaurdLogix Vulnerable to Major Nonrecoverable Fault Due to Invalid Header Value",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-3493",
"datePublished": "2024-04-15T21:17:36.077Z",
"dateReserved": "2024-04-08T21:46:38.867Z",
"dateUpdated": "2024-08-12T15:16:08.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1797 (GCVE-0-2022-1797)
Vulnerability from nvd – Published: 2022-05-31 19:04 – Updated: 2025-04-16 16:17
VLAI?
Summary
A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online.
Severity ?
6.8 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Rockwell Automation | CompactLogix 5380 controllers |
Affected:
unspecified , ≤ 32.013
(custom)
|
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
Credits
Rockwell Automation discovered this vulnerability during routine security testing and reported it to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:16:59.935Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-1797",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:51:38.108033Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:17:49.601Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CompactLogix 5380 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "32.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Compact GuardLogix 5380 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "32.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "CompactLogix 5480 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "32.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "ControlLogix 5580 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "32.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "GuardLogix 5580 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "32.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "CompactLogix 5370 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "33.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Compact GuardLogix 5370 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "33.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "ControlLogix 5570 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "33.013",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "GuardLogix 5570 controllers",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "33.013"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Rockwell Automation discovered this vulnerability during routine security testing and reported it to CISA."
}
],
"descriptions": [
{
"lang": "en",
"value": "A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-31T19:04:44.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
}
],
"solutions": [
{
"lang": "en",
"value": "Rockwell Automation recommends users update to the latest firmware version to mitigate this vulnerability. Users are directed towards the risk mitigation provided below and are encouraged (where possible) to combine these with the general security guidelines below to employ multiple strategies simultaneously. Users should go to Rockwell Automation\u0027s Product Compatibility \u0026 Download Center to download the latest firmware.\n\nCompactLogix 5380, Compact GuardLogix 5380, CompactLogix 5480, ControlLogix 5580, GuardLogix 5580: Upgrade to v33.011 firmware\nCompactLogix 5370, Compact GuardLogix 5370, ControlLogix 5570, GuardLogix 5570: Upgrade to v34.011 firmware\n\nPlease see Rockwell Automation\u2019s security advisory PN1596 for more information.\nhttps://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rockwell Automation Logix Controllers Uncontrolled Resource Consumption",
"workarounds": [
{
"lang": "en",
"value": "If upgrading is not possible, Rockwell Automation recommends the following mitigations:\nUse of Microsoft AppLocker or other similar allow list applications can help mitigate risk. Information on using AppLocker with products from Rockwell Automation is available in Knowledgebase article QA17329.\nConfirm the least-privilege user principle is followed, and user/service account access to shared resources (such as a database) is only granted with a minimum number of rights as needed.\n\nPlease see Rockwell Automation\u2019s security advisory PN1596 for more information.\nhttps://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2022-1797",
"STATE": "PUBLIC",
"TITLE": "Rockwell Automation Logix Controllers Uncontrolled Resource Consumption"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CompactLogix 5380 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "32.013"
}
]
}
},
{
"product_name": "Compact GuardLogix 5380 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": " 32.013"
}
]
}
},
{
"product_name": "CompactLogix 5480 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "32.013"
}
]
}
},
{
"product_name": "ControlLogix 5580 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "32.013"
}
]
}
},
{
"product_name": "GuardLogix 5580 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "32.013"
}
]
}
},
{
"product_name": "CompactLogix 5370 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "33.013"
}
]
}
},
{
"product_name": "Compact GuardLogix 5370 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "33.013"
}
]
}
},
{
"product_name": "ControlLogix 5570 controllers",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "33.013"
}
]
}
},
{
"product_name": "GuardLogix 5570 controllers",
"version": {
"version_data": [
{
"version_value": "33.013"
}
]
}
}
]
},
"vendor_name": "Rockwell Automation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Rockwell Automation discovered this vulnerability during routine security testing and reported it to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-01",
"refsource": "CONFIRM",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-01"
},
{
"name": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559",
"refsource": "CONFIRM",
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
}
]
},
"solution": [
{
"lang": "en",
"value": "Rockwell Automation recommends users update to the latest firmware version to mitigate this vulnerability. Users are directed towards the risk mitigation provided below and are encouraged (where possible) to combine these with the general security guidelines below to employ multiple strategies simultaneously. Users should go to Rockwell Automation\u0027s Product Compatibility \u0026 Download Center to download the latest firmware.\n\nCompactLogix 5380, Compact GuardLogix 5380, CompactLogix 5480, ControlLogix 5580, GuardLogix 5580: Upgrade to v33.011 firmware\nCompactLogix 5370, Compact GuardLogix 5370, ControlLogix 5570, GuardLogix 5570: Upgrade to v34.011 firmware\n\nPlease see Rockwell Automation\u2019s security advisory PN1596 for more information.\nhttps://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
}
],
"source": {
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "If upgrading is not possible, Rockwell Automation recommends the following mitigations:\nUse of Microsoft AppLocker or other similar allow list applications can help mitigate risk. Information on using AppLocker with products from Rockwell Automation is available in Knowledgebase article QA17329.\nConfirm the least-privilege user principle is followed, and user/service account access to shared resources (such as a database) is only granted with a minimum number of rights as needed.\n\nPlease see Rockwell Automation\u2019s security advisory PN1596 for more information.\nhttps://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1135559"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-1797",
"datePublished": "2022-05-31T19:04:44.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:17:49.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}