FKIE_CVE-2024-6242
Vulnerability from fkie_nvd - Published: 2024-08-01 16:15 - Updated: 2026-06-17 08:17
Severity
Summary
A vulnerability in affected Rockwell Automation products allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If it is exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device configuration on a Logix controller in that chassis.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"affected": [
{
"affectedData": [
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580 (1756-L8z)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V28"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix\u00ae 5580 (1756-L8zS)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V31"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN4TR",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V2"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series A/B/C"
],
"product": "1756-EN2T",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v5.007(unsigned)/v5.027(signed)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series A/B"
],
"product": "1756-EN2F",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v5.007(unsigned)/v5.027(signed)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series A/B"
],
"product": "1756-EN2TR",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v5.007(unsigned)/v5.027(signed)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series B"
],
"product": "1756-EN3TR",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v5.007(unsigned)/v5.027(signed)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series D"
],
"product": "1756-EN2T",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "1756-EN2T/D: V10.006"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2F",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "1756-EN2F/C: V10.009"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series C"
],
"product": "1756-EN2TR",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "1756-EN2TR/C: V10.007"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series B"
],
"product": "1756-EN3TR",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "1756-EN3TR/B: V10.007"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series A"
],
"product": "1756-EN2TP",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "1756-EN2TP/A: V10.020"
}
]
}
],
"source": "PSIRT@rockwellautomation.com"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted\u00ae Slot feature in a ControlLogix\u00ae controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device configuration on a Logix controller in the chassis."
},
{
"lang": "es",
"value": " Existe una vulnerabilidad en los productos afectados de Rockwell Automation que permite a un actor de amenazas eludir la funci\u00f3n Trusted\u00ae Slot en un controlador ControlLogix\u00ae. Si se explota en cualquier m\u00f3dulo afectado en un chasis 1756, un actor de amenazas podr\u00eda potencialmente ejecutar comandos CIP que modifiquen los proyectos de usuario y/o la configuraci\u00f3n del dispositivo en un controlador Logix en el chasis."
}
],
"id": "CVE-2024-6242",
"lastModified": "2026-06-17T08:17:36.693",
"metrics": {
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2024-6242",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-25T13:34:35.364759Z",
"version": "2.0.3"
}
}
]
},
"published": "2024-08-01T16:15:07.013",
"references": [
{
"source": "PSIRT@rockwellautomation.com",
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1682.html"
}
],
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-420"
}
],
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary"
}
]
}
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.