github - ghsa-949p-hqw3-rgm2

ghsa-949p-hqw3-rgm2

Vulnerability from github

Published

2024-06-14 18:31

Modified

2024-06-14 18:31

Details

Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device would be compromised.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-5659"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-670"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-14T17:15:51Z",
    "severity": null
  },
  "details": "Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port.\u00a0If exploited, the availability of the device would be compromised.",
  "id": "GHSA-949p-hqw3-rgm2",
  "modified": "2024-06-14T18:31:45Z",
  "published": "2024-06-14T18:31:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5659"
    },
    {
      "type": "WEB",
      "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2024-5659

Vulnerability from cvelistv5

Published

2024-06-14 16:42

Modified

2024-08-01 21:18

Severity ?

8.3 (High) - CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H

Summary

Rockwell Automation Multicast Request Causes major nonrecoverable fault on Select Controllers

References

▼	URL	Tags
	https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html

Impacted products

▼	Vendor	Product
	Rockwell Automation	ControlLogix® 5580
	Rockwell Automation	GuardLogix 5580
	Rockwell Automation	1756-EN4
	Rockwell Automation	CompactLogix 5380
	Rockwell Automation	Compact GuardLogix 5380
	Rockwell Automation	CompactLogix 5480

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "controllogix_5580",
            "vendor": "rockwellautomation",
            "versions": [
              {
                "status": "affected",
                "version": "34.011"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "guardlogix_5580",
            "vendor": "rockwellautomation",
            "versions": [
              {
                "status": "affected",
                "version": "34.011"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:rockwellautomation:1756_en4:0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "1756_en4",
            "vendor": "rockwellautomation",
            "versions": [
              {
                "status": "affected",
                "version": "4.001"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:rockwellautomation:compact_logix_5480:34.011:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "compact_logix_5480",
            "vendor": "rockwellautomation",
            "versions": [
              {
                "status": "affected",
                "version": "34.011"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:rockwellautomation:compact_guardlogix_5480:34.011:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "compact_guardlogix_5480",
            "vendor": "rockwellautomation",
            "versions": [
              {
                "status": "affected",
                "version": "34.011"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:rockwellautomation:compactlogix:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "compactlogix",
            "vendor": "rockwellautomation",
            "versions": [
              {
                "status": "affected",
                "version": "5480"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5659",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-15T19:57:53.882617Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-15T20:23:20.243Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:18:06.865Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ControlLogix\u00ae 5580",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "34.011"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "GuardLogix 5580",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "34.011"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "1756-EN4",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "4.001"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CompactLogix 5380",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "34.011"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Compact GuardLogix 5380",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "34.011"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "CompactLogix 5480",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "34.011"
            }
          ]
        }
      ],
      "datePublic": "2024-06-13T13:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eabnormal packets to the \u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003emDNS port.\u0026nbsp;\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIf exploited, the availability of the device would be compromised.\u003c/span\u003e\n\n"
            }
          ],
          "value": "Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port.\u00a0If exploited, the availability of the device would be compromised."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-624",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-624 Hardware Fault Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-670",
              "description": "CWE-670 Always-Incorrect Control Flow Implementation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-14T16:42:20.699Z",
        "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "shortName": "Rockwell"
      },
      "references": [
        {
          "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eAffected Product\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eFirst Known in firmware revision\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eCorrected in firmware revision\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eControlLogix\u00ae 5580\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eGuardLogix 5580\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later \u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e1756-EN4\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV4.001\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV6.001 and later\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eCompactLogix 5380\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later \u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eCompact GuardLogix \u003c/a\u003e\u003cb\u003e\u0026nbsp;\u003c/b\u003e5380\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later \u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eCompactLogix 5480\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\n\n\u003cp\u003e\u003cb\u003eMitigations and Workarounds\u003c/b\u003e\u003c/p\u003e\u003cp\u003eUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply the risk mitigations, where possible.\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; Users who do not use \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eAutomatic Policy Deployment (APD)\u003c/a\u003e\u0026nbsp;should block \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003emDNS port, 5353\u003c/a\u003e\u0026nbsp;to help prevent communication.\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; Enable CIP \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eSecurity. \u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://literature.rockwellautomation.com/idc/groups/literature/documents/at/secure-at001_-en-p.pdf\"\u003eCIP Security with Rockwell Automation Products Application Technique\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Affected Product\n\nFirst Known in firmware revision\n\nCorrected in firmware revision\n\nControlLogix\u00ae 5580\n\nV34.011\n\nV34.014, V35.013, V36.011 and later\n\nGuardLogix 5580\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\n1756-EN4\n\nV4.001\n\nV6.001 and later\n\nCompactLogix 5380\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\nCompact GuardLogix \u00a05380\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\nCompactLogix 5480\n\nV34.011\n\nV34.014, V35.013, V36.011 and later\n\n\n\n\nMitigations and Workarounds\n\nUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply the risk mitigations, where possible.\n\n\u00b7 \u00a0 \u00a0 \u00a0 Users who do not use  CIP Security with Rockwell Automation Products Application Technique https://literature.rockwellautomation.com/idc/groups/literature/documents/at/secure-at001_-en-p.pdf \n\n\u00b7 \u00a0 \u00a0 \u00a0  Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Rockwell Automation Multicast Request Causes major nonrecoverable fault on Select Controllers",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
    "assignerShortName": "Rockwell",
    "cveId": "CVE-2024-5659",
    "datePublished": "2024-06-14T16:42:20.699Z",
    "dateReserved": "2024-06-05T16:47:18.275Z",
    "dateUpdated": "2024-08-01T21:18:06.865Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.