GHSA-6H2Q-3M5Q-WV4C
Vulnerability from github – Published: 2024-08-01 18:32 – Updated: 2024-08-01 18:32
Details
A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device configuration on a Logix controller in the chassis.
{
"affected": [],
"aliases": [
"CVE-2024-6242"
],
"database_specific": {
"cwe_ids": [
"CWE-420"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-01T16:15:07Z",
"severity": "HIGH"
},
"details": "A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted\u00ae Slot feature in a ControlLogix\u00ae controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device configuration on a Logix controller in the chassis.",
"id": "GHSA-6h2q-3m5q-wv4c",
"modified": "2024-08-01T18:32:50Z",
"published": "2024-08-01T18:32:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6242"
},
{
"type": "WEB",
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1682.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
CVE-2024-6242 (GCVE-0-2024-6242)
Vulnerability from cvelistv5 – Published: 2024-08-01 15:15 – Updated: 2025-09-25 13:34
Summary
A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device configuration on a Logix controller in the chassis.
CWE
- CWE-420 - Unprotected Alternate Channel
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Rockwell Automation | ControlLogix® 5580 (1756-L8z) | Affected: V28 |
Credits
Claroty reported this vulnerability.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6242",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-25T13:34:35.364759Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T13:34:40.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ControlLogix\u00ae 5580 (1756-L8z)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V28"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix\u00ae 5580 (1756-L8zS)",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V31"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN4TR",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "V2"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series A/B/C"
],
"product": "1756-EN2T",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v5.007(unsigned)/v5.027(signed)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series A/B"
],
"product": "1756-EN2F",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v5.007(unsigned)/v5.027(signed)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series A/B"
],
"product": "1756-EN2TR",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v5.007(unsigned)/v5.027(signed)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series B"
],
"product": "1756-EN3TR",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "v5.007(unsigned)/v5.027(signed)"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series D"
],
"product": "1756-EN2T",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "1756-EN2T/D: V10.006"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN2F",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "1756-EN2F/C: V10.009"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series C"
],
"product": "1756-EN2TR",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "1756-EN2TR/C: V10.007"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series B"
],
"product": "1756-EN3TR",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "1756-EN3TR/B: V10.007"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Series A"
],
"product": "1756-EN2TP",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "1756-EN2TP/A: V10.020"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty reported this vulnerability."
}
],
"datePublic": "2024-08-01T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted\u00ae Slot feature in a ControlLogix\u00ae controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device configuration on a Logix controller in the chassis. \u0026nbsp;\u003c/span\u003e"
}
],
"value": "A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted\u00ae Slot feature in a ControlLogix\u00ae controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device configuration on a Logix controller in the chassis."
}
],
"impacts": [
{
"capecId": "CAPEC-216",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-216 Communication Channel Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-420",
"description": "CWE-420: Unprotected Alternate Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T15:15:32.220Z",
"orgId": "b73dd486-f505-4403-b634-40b078b177f0",
"shortName": "Rockwell"
},
"references": [
{
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1682.html"
}
],
"source": {
"advisory": "SD1682",
"discovery": "EXTERNAL"
},
"title": "Rockwell Automation Chassis Restrictions Bypass Vulnerability in Select Logix Devices",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\n\u003c/p\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eAffected Product \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eFirst Known in Firmware Revision \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eCorrected in Firmware Revision \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eControlLogix\u00ae 5580 (1756-L8z) \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eV28 \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eV32.016, V33.015, V34.014, \u0026nbsp;\u003cbr\u003eV35.011 and later \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eGuardLogix\u00ae 5580 (1756-L8zS) \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eV31 \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eV32.016, V33.015, V34.014, \u0026nbsp;\u003cbr\u003eV35.011 and later \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e1756-EN4TR \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eV2 \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eV5.001 and later 
\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e1756-EN2T, Series A/B/C \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e1756-EN2F, Series A/B \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e1756-EN2TR, Series A/B \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e1756-EN3TR, Series B \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003ev5.007(unsigned)/v5.027(signed) \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eNo fix is available for Series A/B/C. Users can upgrade to Series D to remediate this vulnerability \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e1756-EN2T, Series D \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e1756-EN2F, Series C \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e1756-EN2TR, Series C \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e1756-EN3TR, Series B \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e1756-EN2TP, Series A \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e1756-EN2T/D: V10.006 \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e1756-EN2F/C: V10.009 \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e1756-EN2TR/C: V10.007 \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e1756-EN3TR/B: V10.007 \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e1756-EN2TP/A: V10.020 \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003ctd\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eV12.001 and later 
\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\n\n\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUsers using the affected firmware and who are not able to upgrade to one of the corrected versions are encouraged to apply the following mitigation and security best practices, where possible.\u202f\u003c/span\u003e\u202f\u0026nbsp;\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eLimit the allowed CIP commands on controllers by setting the mode switch to the RUN position. \u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u0026nbsp;\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Affected Product \n\n\n\n\n\nFirst Known in Firmware Revision \n\n\n\n\n\nCorrected in Firmware Revision \n\n\n\n\n\nControlLogix\u00ae 5580 (1756-L8z) \n\n\n\n\n\nV28 \n\n\n\n\n\nV32.016, V33.015, V34.014, \u00a0\nV35.011 and later \n\n\n\n\u00a0\n\n\n\n\n\nGuardLogix\u00ae 5580 (1756-L8zS) \n\n\n\n\n\nV31 \n\n\n\n\n\nV32.016, V33.015, V34.014, \u00a0\nV35.011 and later \n\n\n\n\n\n1756-EN4TR \n\n\n\n\n\nV2 \n\n\n\n\n\nV5.001 and later \n\n\n\n\n\n1756-EN2T, Series A/B/C \n\n\n\n1756-EN2F, Series A/B \n\n\n\n1756-EN2TR, Series A/B \n\n\n\n1756-EN3TR, Series B \n\n\n\n\n\nv5.007(unsigned)/v5.027(signed) \n\n\n\n\n\nNo fix is available for Series A/B/C. Users can upgrade to Series D to remediate this vulnerability \n\n\n\n\n\n1756-EN2T, Series D \n\n\n\n1756-EN2F, Series C \n\n\n\n1756-EN2TR, Series C \n\n\n\n1756-EN3TR, Series B \n\n\n\n1756-EN2TP, Series A \n\n\n\n\n\n1756-EN2T/D: V10.006 \n\n\n\n1756-EN2F/C: V10.009 \n\n\n\n1756-EN2TR/C: V10.007 \n\n\n\n1756-EN3TR/B: V10.007 \n\n\n\n1756-EN2TP/A: V10.020 \n\n\n\n\n\nV12.001 and later \n\n\n\n\n\n\n\n\n\n\n\n\n\n\nUsers using the affected firmware and who are not able to upgrade to one of the corrected versions are encouraged to apply the following mitigation and security best practices, where possible.\u202f\u202f\u00a0\n\n\n\n * Limit the allowed CIP commands on controllers by setting the mode switch to the RUN position. \n\n\n\n\n\n\n\n\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
"assignerShortName": "Rockwell",
"cveId": "CVE-2024-6242",
"datePublished": "2024-08-01T15:15:32.220Z",
"dateReserved": "2024-06-21T12:21:00.689Z",
"dateUpdated": "2025-09-25T13:34:40.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.