Vulnerabilites related to rockwellautomation - controllogix_5580_process_firmware
Vulnerability from fkie_nvd
Published
2024-04-15 22:15
Modified
2025-03-04 17:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:35.011:*:*:*:*:*:*:*", matchCriteriaId: "A29D3775-CAB3-45CF-96CE-71D0672C7E37", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*", matchCriteriaId: "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:35.011:*:*:*:*:*:*:*", matchCriteriaId: "64CAC9B1-19E5-44BB-B814-DDA98B7290E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*", matchCriteriaId: "006B7683-9FDF-4748-BA28-2EA22613E092", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:35.011:*:*:*:*:*:*:*", matchCriteriaId: "305CDBFF-404A-45F5-A391-1B18F446D1B8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*", matchCriteriaId: "EDD040ED-B44C-47D0-B4D4-729C378C4F68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:35.011:*:*:*:*:*:*:*", matchCriteriaId: "9232043F-8A87-446C-8B7E-F8E400AA6F68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-:*:*:*:*:*:*:*", matchCriteriaId: "62414E65-73C7-4172-B7BF-F40A66AFBB90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:5.001:*:*:*:*:*:*:*", matchCriteriaId: "91162BBB-AD61-4191-B00A-FDE767268F13", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:1756-en4tr:-:*:*:*:*:*:*:*", matchCriteriaId: "898EE953-E0EF-4B52-8EA0-41AAD8B5CCF3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:35.011:*:*:*:*:*:*:*", matchCriteriaId: "4A1541AE-A429-455E-94C4-3420183CE7CF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:controllogix_5580_process:-:*:*:*:*:*:*:*", matchCriteriaId: "AFEDADD8-01DE-4AE5-A0D7-532347FA7DB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_5380_process_firmware:35.011:*:*:*:*:*:*:*", matchCriteriaId: "DF838222-B4B6-4A66-B3CE-55E643368754", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_5380_process:-:*:*:*:*:*:*:*", matchCriteriaId: "77BCC249-D601-4A82-9247-C0981BF990FC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:35.011:*:*:*:*:*:*:*", matchCriteriaId: "61F8EA3B-C51C-4CB1-9BB3-017577DC6684", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*", matchCriteriaId: "80F4F5BE-07DF-402A-BF98-34FBA6A11968", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "\nA specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices. \n\n", }, { lang: "es", value: "Un tipo de paquete fragmentado con formato incorrecto específico (los dispositivos que envían grandes cantidades de datos pueden generar paquetes fragmentados automáticamente) puede causar una falla mayor no recuperable (MNRF) en ControlLogix 5580, Guard Logix 5580, CompactLogix 5380 y 1756-EN4TR de Rockwell Automation. Si se explota, el producto afectado dejará de estar disponible y requerirá un reinicio manual para recuperarlo. Además, un MNRF podría provocar una pérdida de visión y/o control de los dispositivos conectados.", }, ], id: "CVE-2024-3493", lastModified: "2025-03-04T17:43:27.223", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "PSIRT@rockwellautomation.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-04-15T22:15:09.073", references: [ { source: "PSIRT@rockwellautomation.com", tags: [ "Broken Link", ], url: "https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html", }, ], sourceIdentifier: "PSIRT@rockwellautomation.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "PSIRT@rockwellautomation.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-10-14 21:15
Modified
2024-10-21 13:20
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3CCECB24-3DF9-441D-B2E0-7EDD305EA31D", versionEndExcluding: "33.017", versionStartIncluding: "28.011", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "999BE839-8688-4723-A067-788386E528D7", versionEndExcluding: "34.014", versionStartIncluding: "34.011", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D70BDEA5-B19E-4399-AD46-FA94285B2DEA", versionEndExcluding: "35.013", versionStartIncluding: "35.011", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*", matchCriteriaId: "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F8EF3D88-B9BC-4FEA-BA35-8657EEE463F2", versionEndExcluding: "33.017", versionStartIncluding: "33.011", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A3A96A6-242A-4022-8347-E04467DA6FDA", versionEndExcluding: "34.014", versionStartIncluding: "34.011", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7D377807-09D3-4430-8B0D-83BB5514B275", versionEndExcluding: "35.013", versionStartIncluding: "35.011", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:controllogix_5580_process:-:*:*:*:*:*:*:*", matchCriteriaId: "AFEDADD8-01DE-4AE5-A0D7-532347FA7DB2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BF92BE9B-AF7A-4A04-9438-C30C5ED49B07", versionEndExcluding: "33.017", versionStartIncluding: "31.011", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0E0F65D-98D1-4021-9CB0-402834F46DD8", versionEndExcluding: "34.014", versionStartIncluding: "34.011", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "956AF3D2-9A47-4BAD-B3A5-37A8965DBB2E", versionEndExcluding: "35.013", versionStartIncluding: "35.011", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*", matchCriteriaId: "006B7683-9FDF-4748-BA28-2EA22613E092", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6C85E19A-8153-4AC2-8A15-DD1CEE9F5B2E", versionEndExcluding: "33.017", versionStartIncluding: "28.011", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "90519681-C70B-49EE-A551-29D5A9EFCA31", versionEndExcluding: "34.014", versionStartIncluding: "34.011", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A306250-9B1A-49A4-B6C1-E2EFBA49504B", versionEndExcluding: "35.013", versionStartIncluding: "35.011", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*", matchCriteriaId: "EDD040ED-B44C-47D0-B4D4-729C378C4F68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93D9D75D-0C98-408B-9EB1-6315AAE1147B", versionEndExcluding: "33.017", versionStartIncluding: "31.011", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58CAFC2B-2C95-41E0-BB00-7E7F89103664", versionEndExcluding: "34.014", versionStartIncluding: "34.011", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "37997377-0939-4D3C-8A97-F4F8C6FB1000", versionEndExcluding: "35.013", versionStartIncluding: "35.011", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380_sil_2:-:*:*:*:*:*:*:*", matchCriteriaId: "E594CDF6-0582-4D5C-B6AA-C8A2E752E29F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D85D8A23-BC23-41F9-A17A-33239D4C90B5", versionEndExcluding: "33.017", versionStartIncluding: "32.013", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "13C157F1-BD62-4F6A-8DCF-4660983C9948", versionEndExcluding: "34.014", versionStartIncluding: "34.011", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A01F13C3-42C1-409C-A16E-6BEC723108A2", versionEndExcluding: "35.013", versionStartIncluding: "35.011", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380_sil_3:-:*:*:*:*:*:*:*", matchCriteriaId: "B82D842C-0930-41AA-83CD-5F235771AE4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A890317E-B6BD-4A0A-B7E0-E50D90506EF1", versionEndExcluding: "33.017", versionStartIncluding: "32.011", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "881D835B-D7E3-44C5-9B77-CA82EDCE2D3C", versionEndExcluding: "34.014", versionStartIncluding: "34.011", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A0ABD910-7EBE-44C8-97E3-2B523CDEE5FA", versionEndExcluding: "35.013", versionStartIncluding: "35.011", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*", matchCriteriaId: "80F4F5BE-07DF-402A-BF98-34FBA6A11968", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:factorytalk_logix_echo_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "02105DF7-661C-47E7-BC52-771356537783", versionEndExcluding: "34.014", versionStartIncluding: "33.011", vulnerable: true, }, { criteria: "cpe:2.3:o:rockwellautomation:factorytalk_logix_echo_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "51ECB73D-C08C-4DE1-BA75-608E9C350751", versionEndExcluding: "35.013", versionStartIncluding: "35.011", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:factorytalk_logix_echo:-:*:*:*:*:*:*:*", matchCriteriaId: "7898895B-17A1-499A-9B09-9F6C1C302368", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running.", }, { lang: "es", value: "CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html y enviar un mensaje CIP especialmente manipulado al dispositivo. Si se explota, un actor de amenazas podría ayudar a evitar el acceso al usuario legítimo y finalizar las conexiones a los dispositivos conectados, incluida la estación de trabajo. Para recuperar los controladores, se requiere una descarga que finalice cualquier proceso que esté ejecutando el controlador.", }, ], id: "CVE-2024-6207", lastModified: "2024-10-21T13:20:45.617", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "PSIRT@rockwellautomation.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 8.7, baseSeverity: "HIGH", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "PSIRT@rockwellautomation.com", type: "Secondary", }, ], }, published: "2024-10-14T21:15:12.460", references: [ { source: "PSIRT@rockwellautomation.com", tags: [ "Vendor Advisory", ], url: "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1707.html", }, ], sourceIdentifier: "PSIRT@rockwellautomation.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "PSIRT@rockwellautomation.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2024-3493
Vulnerability from cvelistv5
Published
2024-04-15 21:17
Modified
2024-08-12 15:16
Severity ?
EPSS score ?
Summary
A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Rockwell Automation | ControlLogix 5580 |
Version: v35.011 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T20:12:07.675Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:35.011:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "guardlogix_5580_firmware", vendor: "rockwellautomation", versions: [ { status: "affected", version: "35.011", }, ], }, { cpes: [ "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:5.001:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "compactlogix_5380_firmware", vendor: "rockwellautomation", versions: [ { status: "affected", version: "35.011", }, ], }, { cpes: [ "cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:5.001:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "1756-en4tr_firmware", vendor: "rockwellautomation", versions: [ { status: "affected", version: "5.001", }, ], }, { cpes: [ "cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:5.001:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "1756-en4tr_firmware", vendor: "rockwellautomation", versions: [ { status: "affected", version: "5.001", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-3493", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-12T15:09:28.736089Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-12T15:16:08.155Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "ControlLogix 5580", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "v35.011", }, ], }, { defaultStatus: "unaffected", product: "GuardLogix 5580", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "v35.011", }, ], }, { defaultStatus: "unaffected", product: "CompactLogix 5380", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "v5.001", }, ], }, { defaultStatus: "unaffected", product: "1756-EN4TR", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "v5.001", }, ], }, ], datePublic: "2024-04-12T01:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices. </span>\n\n", }, ], value: "\nA specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices. \n\n", }, ], impacts: [ { capecId: "CAPEC-137", descriptions: [ { lang: "en", value: "CAPEC-137 Parameter Injection", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-04-15T21:29:33.269Z", orgId: "b73dd486-f505-4403-b634-40b078b177f0", shortName: "Rockwell", }, references: [ { url: "https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<p>\n\n</p><table><tbody><tr><td><p><br>Affected Product</p><p> </p><p> </p></td><td><p> </p><p> </p><p>First Known in Firmware Revision</p><p> </p><p> </p></td><td><p> </p><p> </p><p>Corrected in Firmware Revision</p><p> </p><p> </p></td></tr><tr><td><p> </p><p> </p><p>ControlLogix® 5580</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.011</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.013, V36.011</p><p> </p><p> </p></td></tr><tr><td><p> </p><p> </p><p>GuardLogix 5580</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.011</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.013, V36.011</p><p> </p><p> </p></td></tr><tr><td><p> </p><p> </p><p>CompactLogix 5380</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.011</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.013, V36.011</p><p> </p><p> </p></td></tr><tr><td><p> </p><p> </p><p>1756-EN4TR</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V5.001</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V6.001</p><p> </p><p> </p></td></tr></tbody></table>\n\n<br><br><p></p><p>Users using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible. </p><ul><li><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a> </p></li></ul>\n\n<br>", }, ], value: "\nAffected Product\n\n \n\n \n\n \n\n \n\nFirst Known in Firmware Revision\n\n \n\n \n\n \n\n \n\nCorrected in Firmware Revision\n\n \n\n \n\n \n\n \n\nControlLogix® 5580\n\n \n\n \n\n \n\n \n\nV35.011\n\n \n\n \n\n \n\n \n\nV35.013, V36.011\n\n \n\n \n\n \n\n \n\nGuardLogix 5580\n\n \n\n \n\n \n\n \n\nV35.011\n\n \n\n \n\n \n\n \n\nV35.013, V36.011\n\n \n\n \n\n \n\n \n\nCompactLogix 5380\n\n \n\n \n\n \n\n \n\nV35.011\n\n \n\n \n\n \n\n \n\nV35.013, V36.011\n\n \n\n \n\n \n\n \n\n1756-EN4TR\n\n \n\n \n\n \n\n \n\nV5.001\n\n \n\n \n\n \n\n \n\nV6.001\n\n \n\n \n\nUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible. \n\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight \n\n", }, ], source: { discovery: "INTERNAL", }, title: "Rockwell Automation ControlLogix and GaurdLogix Vulnerable to Major Nonrecoverable Fault Due to Invalid Header Value", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "b73dd486-f505-4403-b634-40b078b177f0", assignerShortName: "Rockwell", cveId: "CVE-2024-3493", datePublished: "2024-04-15T21:17:36.077Z", dateReserved: "2024-04-08T21:46:38.867Z", dateUpdated: "2024-08-12T15:16:08.155Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-6207
Vulnerability from cvelistv5
Published
2024-10-14 20:53
Modified
2024-10-15 14:43
Severity ?
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS score ?
Summary
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Rockwell Automation | ControlLogix® 5580 |
Version: V28.011 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "compactlogix_5380_firmware", vendor: "rockwellautomation", versions: [ { lessThan: "33.017", status: "affected", version: "28.011", versionType: "custom", }, { lessThan: "34.014", status: "affected", version: "34.0", versionType: "custom", }, { lessThan: "35.013", status: "affected", version: "35.0", versionType: "custom", }, { lessThan: "36.011", status: "affected", version: "36.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "controllogix_5580_process_firmware", vendor: "rockwellautomation", versions: [ { lessThan: "33.017", status: "affected", version: "33.011", versionType: "custom", }, { lessThan: "34.014", status: "affected", version: "34.0", versionType: "custom", }, { lessThan: "35.013", status: "affected", version: "35.0", versionType: "custom", }, { lessThan: "36.011", status: "affected", version: "36.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil2_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "guardlogix_5580_firmware", vendor: "rockwellautomation", versions: [ { lessThan: "33.017", status: "affected", version: "31.011", versionType: "custom", }, { lessThan: "34.014", status: "affected", version: "34.0", versionType: "custom", }, { lessThan: "35.013", status: "affected", version: "35.0", versionType: "custom", }, { lessThan: "36.011", status: "affected", version: "36.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "controllogix_5580_process_firmware", vendor: "rockwellautomation", versions: [ { lessThan: "33.017", status: "affected", version: "32.011", versionType: "custom", }, { lessThan: "34.014", status: "affected", version: "34.0", versionType: "custom", }, { lessThan: "35.013", status: "affected", version: "35.0", versionType: "custom", }, { lessThan: "36.011", status: "affected", version: "36.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil3_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "compact_guardlogix_5380_sil3_firmware", vendor: "rockwellautomation", versions: [ { lessThan: "33.017", status: "affected", version: "32.013", versionType: "custom", }, { lessThan: "34.014", status: "affected", version: "34.0", versionType: "custom", }, { lessThan: "35.013", status: "affected", version: "35.0", versionType: "custom", }, { lessThan: "36.011", status: "affected", version: "36.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:rockwellautomation:factorytalk_logix_echo:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "factorytalk_logix_echo", vendor: "rockwellautomation", versions: [ { lessThan: "34.014", status: "affected", version: "33.011", versionType: "custom", }, { lessThan: "35.013", status: "affected", version: "35.0", versionType: "custom", }, { lessThan: "36.011", status: "affected", version: "36.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-6207", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T14:11:41.281080Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-15T14:43:19.768Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "ControlLogix® 5580", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "V28.011", }, ], }, { defaultStatus: "unaffected", product: "ControlLogix® 5580 Process", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "V33.011", }, ], }, { defaultStatus: "unaffected", product: "GuardLogix 5580", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "V31.011", }, ], }, { defaultStatus: "unaffected", product: "CompactLogix 5380", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "V28.011", }, ], }, { defaultStatus: "unaffected", product: "Compact GuardLogix 5380 SIL 2", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "V31.011", }, ], }, { defaultStatus: "unaffected", product: "Compact GuardLogix 5380 SIL 3", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "V32.013", }, ], }, { defaultStatus: "unaffected", product: "CompactLogix 5480", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "V32.011", }, ], }, { defaultStatus: "unaffected", product: "FactoryTalk® Logix Echo", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "V33.011", }, ], }, ], datePublic: "2024-10-10T13:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p><a target=\"_blank\" rel=\"nofollow\">CVE-2024-6207</a> IMPACT</p><p>A denial-of-service vulnerability exists in the affected products that will cause the device to result in a major nonrecoverable fault (MNRF) when it receives an invalid CIP request. To exploit this vulnerability a malicious user must chain this exploits with <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html\">CVE 2021-22681</a> and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running. </p>", }, ], value: "CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running.", }, ], impacts: [ { capecId: "CAPEC-100", descriptions: [ { lang: "en", value: "CAPEC-100 Overflow Buffers", }, ], }, ], metrics: [ { cvssV4_0: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", baseScore: 8.7, baseSeverity: "HIGH", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-14T20:53:49.191Z", orgId: "b73dd486-f505-4403-b634-40b078b177f0", shortName: "Rockwell", }, references: [ { url: "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1707.html", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>AFFECTED PRODUCTS AND SOLUTION</p><table><tbody><tr><td>Affected Product<br></td><td>First Known in firmware revision</td><td>Corrected in firmware revision</td></tr><tr><td>ControlLogix® 5580</td><td>V28.011</td><td>V33.017, V34.014, V35.013, V36.011 and later</td></tr><tr><td>ControlLogix® 5580 Process</td><td>V33.011</td><td>V33.017, V34.014, V35.013, V36.011 and later</td></tr><tr><td>GuardLogix 5580</td><td>V31.011</td><td> V33.017, V34.014, V35.013, V36.011 and later</td></tr><tr><td>CompactLogix 5380</td><td>V28.011</td><td> V33.017, V34.014, V35.013, V36.011 and later</td></tr><tr><td>Compact GuardLogix 5380 SIL 2</td><td>V31.011</td><td>V33.017, V34.014, V35.013, V36.011 and later</td></tr><tr><td>Compact GuardLogix 5380 SIL 3</td><td>V32.013</td><td>V33.017, V34.014, V35.013, V36.011 and later</td></tr><tr><td>CompactLogix 5480</td><td>V32.011</td><td>V33.017, V34.014, V35.013, V36.011 and later</td></tr><tr><td>FactoryTalk® Logix Echo </td><td>V33.011</td><td>V34.014, V35.013, V36.011 and later</td></tr></tbody></table>\n\n<br>", }, ], value: "AFFECTED PRODUCTS AND SOLUTION\n\nAffected Product\nFirst Known in firmware revisionCorrected in firmware revisionControlLogix® 5580V28.011V33.017, V34.014, V35.013, V36.011 and laterControlLogix® 5580 ProcessV33.011V33.017, V34.014, V35.013, V36.011 and laterGuardLogix 5580V31.011 V33.017, V34.014, V35.013, V36.011 and laterCompactLogix 5380V28.011 V33.017, V34.014, V35.013, V36.011 and laterCompact GuardLogix 5380 SIL 2V31.011V33.017, V34.014, V35.013, V36.011 and laterCompact GuardLogix 5380 SIL 3V32.013V33.017, V34.014, V35.013, V36.011 and laterCompactLogix 5480V32.011V33.017, V34.014, V35.013, V36.011 and laterFactoryTalk® Logix Echo V33.011V34.014, V35.013, V36.011 and later", }, ], source: { discovery: "INTERNAL", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "b73dd486-f505-4403-b634-40b078b177f0", assignerShortName: "Rockwell", cveId: "CVE-2024-6207", datePublished: "2024-10-14T20:53:49.191Z", dateReserved: "2024-06-20T16:08:17.052Z", dateUpdated: "2024-10-15T14:43:19.768Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }