All the vulnerabilites related to Rockwell Automation - CompactLogix 5480
cve-2024-5659
Vulnerability from cvelistv5
Published
2024-06-14 16:42
Modified
2024-08-01 21:18
Severity ?
EPSS score ?
Summary
Rockwell Automation Multicast Request Causes major nonrecoverable fault on Select Controllers
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Rockwell Automation | ControlLogix® 5580 |
Version: 34.011 |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "controllogix_5580", "vendor": "rockwellautomation", "versions": [ { "status": "affected", "version": "34.011" } ] }, { "cpes": [ "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "guardlogix_5580", "vendor": "rockwellautomation", "versions": [ { "status": "affected", "version": "34.011" } ] }, { "cpes": [ "cpe:2.3:a:rockwellautomation:1756_en4:0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "1756_en4", "vendor": "rockwellautomation", "versions": [ { "status": "affected", "version": "4.001" } ] }, { "cpes": [ "cpe:2.3:a:rockwellautomation:compact_logix_5480:34.011:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "compact_logix_5480", "vendor": "rockwellautomation", "versions": [ { "status": "affected", "version": "34.011" } ] }, { "cpes": [ "cpe:2.3:a:rockwellautomation:compact_guardlogix_5480:34.011:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "compact_guardlogix_5480", "vendor": "rockwellautomation", "versions": [ { "status": "affected", "version": "34.011" } ] }, { "cpes": [ "cpe:2.3:h:rockwellautomation:compactlogix:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "compactlogix", "vendor": "rockwellautomation", "versions": [ { "status": "affected", "version": "5480" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-5659", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-15T19:57:53.882617Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-15T20:23:20.243Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T21:18:06.865Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "ControlLogix\u00ae 5580", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "34.011" } ] }, { "defaultStatus": "unaffected", "product": "GuardLogix 5580", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "34.011" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN4", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "4.001" } ] }, { "defaultStatus": "unaffected", "product": "CompactLogix 5380", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "34.011" } ] }, { "defaultStatus": "unaffected", "product": "Compact GuardLogix 5380", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "34.011" } ] }, { "defaultStatus": "unaffected", "product": "CompactLogix 5480", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "34.011" } ] } ], "datePublic": "2024-06-13T13:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eabnormal packets to the \u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003emDNS port.\u0026nbsp;\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIf exploited, the availability of the device would be compromised.\u003c/span\u003e\n\n" } ], "value": "Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port.\u00a0If exploited, the availability of the device would be compromised." } ], "impacts": [ { "capecId": "CAPEC-624", "descriptions": [ { "lang": "en", "value": "CAPEC-624 Hardware Fault Injection" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "baseScore": 8.3, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-670", "description": "CWE-670 Always-Incorrect Control Flow Implementation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-14T16:42:20.699Z", "orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell" }, "references": [ { "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eAffected Product\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eFirst Known in firmware revision\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eCorrected in firmware revision\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eControlLogix\u00ae 5580\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eGuardLogix 5580\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later \u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e1756-EN4\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV4.001\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV6.001 and later\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eCompactLogix 5380\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later \u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eCompact GuardLogix \u003c/a\u003e\u003cb\u003e\u0026nbsp;\u003c/b\u003e5380\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later \u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eCompactLogix 5480\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.011\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eV34.014, V35.013, V36.011 and later\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\n\n\u003cp\u003e\u003cb\u003eMitigations and Workarounds\u003c/b\u003e\u003c/p\u003e\u003cp\u003eUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply the risk mitigations, where possible.\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; Users who do not use \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eAutomatic Policy Deployment (APD)\u003c/a\u003e\u0026nbsp;should block \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003emDNS port, 5353\u003c/a\u003e\u0026nbsp;to help prevent communication.\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; Enable CIP \u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003e\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eSecurity. \u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://literature.rockwellautomation.com/idc/groups/literature/documents/at/secure-at001_-en-p.pdf\"\u003eCIP Security with Rockwell Automation Products Application Technique\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u00b7 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003eSecurity Best Practices\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e" } ], "value": "Affected Product\n\nFirst Known in firmware revision\n\nCorrected in firmware revision\n\nControlLogix\u00ae 5580\n\nV34.011\n\nV34.014, V35.013, V36.011 and later\n\nGuardLogix 5580\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\n1756-EN4\n\nV4.001\n\nV6.001 and later\n\nCompactLogix 5380\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\nCompact GuardLogix \u00a05380\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\nCompactLogix 5480\n\nV34.011\n\nV34.014, V35.013, V36.011 and later\n\n\n\n\nMitigations and Workarounds\n\nUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply the risk mitigations, where possible.\n\n\u00b7 \u00a0 \u00a0 \u00a0 Users who do not use CIP Security with Rockwell Automation Products Application Technique https://literature.rockwellautomation.com/idc/groups/literature/documents/at/secure-at001_-en-p.pdf \n\n\u00b7 \u00a0 \u00a0 \u00a0 Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight" } ], "source": { "discovery": "EXTERNAL" }, "title": "Rockwell Automation Multicast Request Causes major nonrecoverable fault on Select Controllers", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "assignerShortName": "Rockwell", "cveId": "CVE-2024-5659", "datePublished": "2024-06-14T16:42:20.699Z", "dateReserved": "2024-06-05T16:47:18.275Z", "dateUpdated": "2024-08-01T21:18:06.865Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-6207
Vulnerability from cvelistv5
Published
2024-10-14 20:53
Modified
2024-10-15 14:43
Severity ?
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS score ?
Summary
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Rockwell Automation | ControlLogix® 5580 |
Version: V28.011 |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "compactlogix_5380_firmware", "vendor": "rockwellautomation", "versions": [ { "lessThan": "33.017", "status": "affected", "version": "28.011", "versionType": "custom" }, { "lessThan": "34.014", "status": "affected", "version": "34.0", "versionType": "custom" }, { "lessThan": "35.013", "status": "affected", "version": "35.0", "versionType": "custom" }, { "lessThan": "36.011", "status": "affected", "version": "36.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "controllogix_5580_process_firmware", "vendor": "rockwellautomation", "versions": [ { "lessThan": "33.017", "status": "affected", "version": "33.011", "versionType": "custom" }, { "lessThan": "34.014", "status": "affected", "version": "34.0", "versionType": "custom" }, { "lessThan": "35.013", "status": "affected", "version": "35.0", "versionType": "custom" }, { "lessThan": "36.011", "status": "affected", "version": "36.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil2_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "guardlogix_5580_firmware", "vendor": "rockwellautomation", "versions": [ { "lessThan": "33.017", "status": "affected", "version": "31.011", "versionType": "custom" }, { "lessThan": "34.014", "status": "affected", "version": "34.0", "versionType": "custom" }, { "lessThan": "35.013", "status": "affected", "version": "35.0", "versionType": "custom" }, { "lessThan": "36.011", "status": "affected", "version": "36.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "controllogix_5580_process_firmware", "vendor": "rockwellautomation", "versions": [ { "lessThan": "33.017", "status": "affected", "version": "32.011", "versionType": "custom" }, { "lessThan": "34.014", "status": "affected", "version": "34.0", "versionType": "custom" }, { "lessThan": "35.013", "status": "affected", "version": "35.0", "versionType": "custom" }, { "lessThan": "36.011", "status": "affected", "version": "36.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil3_firmware:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "compact_guardlogix_5380_sil3_firmware", "vendor": "rockwellautomation", "versions": [ { "lessThan": "33.017", "status": "affected", "version": "32.013", "versionType": "custom" }, { "lessThan": "34.014", "status": "affected", "version": "34.0", "versionType": "custom" }, { "lessThan": "35.013", "status": "affected", "version": "35.0", "versionType": "custom" }, { "lessThan": "36.011", "status": "affected", "version": "36.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:rockwellautomation:factorytalk_logix_echo:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "factorytalk_logix_echo", "vendor": "rockwellautomation", "versions": [ { "lessThan": "34.014", "status": "affected", "version": "33.011", "versionType": "custom" }, { "lessThan": "35.013", "status": "affected", "version": "35.0", "versionType": "custom" }, { "lessThan": "36.011", "status": "affected", "version": "36.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-6207", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-15T14:11:41.281080Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-15T14:43:19.768Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "ControlLogix\u00ae 5580", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "V28.011" } ] }, { "defaultStatus": "unaffected", "product": "ControlLogix\u00ae 5580 Process", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "V33.011" } ] }, { "defaultStatus": "unaffected", "product": "GuardLogix 5580", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "V31.011" } ] }, { "defaultStatus": "unaffected", "product": "CompactLogix 5380", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "V28.011" } ] }, { "defaultStatus": "unaffected", "product": "Compact GuardLogix 5380 SIL 2", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "V31.011" } ] }, { "defaultStatus": "unaffected", "product": "Compact GuardLogix 5380 SIL 3", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "V32.013" } ] }, { "defaultStatus": "unaffected", "product": "CompactLogix 5480", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "V32.011" } ] }, { "defaultStatus": "unaffected", "product": "FactoryTalk\u00ae Logix Echo", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "V33.011" } ] } ], "datePublic": "2024-10-10T13:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eCVE-2024-6207\u003c/a\u003e\u0026nbsp;IMPACT\u003c/p\u003e\u003cp\u003eA denial-of-service vulnerability exists in the affected products that will cause the device to result in a major nonrecoverable fault (MNRF) when it receives an invalid CIP request. To exploit this vulnerability a malicious user must chain this exploits with \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html\"\u003eCVE 2021-22681\u003c/a\u003e\u0026nbsp;and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running. \u003c/p\u003e" } ], "value": "CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html \u00a0and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running." } ], "impacts": [ { "capecId": "CAPEC-100", "descriptions": [ { "lang": "en", "value": "CAPEC-100 Overflow Buffers" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-14T20:53:49.191Z", "orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell" }, "references": [ { "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1707.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eAFFECTED PRODUCTS AND SOLUTION\u003c/p\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eAffected Product\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eFirst Known in firmware revision\u003c/td\u003e\u003ctd\u003eCorrected in firmware revision\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eControlLogix\u00ae 5580\u003c/td\u003e\u003ctd\u003eV28.011\u003c/td\u003e\u003ctd\u003eV33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eControlLogix\u00ae 5580 Process\u003c/td\u003e\u003ctd\u003eV33.011\u003c/td\u003e\u003ctd\u003eV33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGuardLogix 5580\u003c/td\u003e\u003ctd\u003eV31.011\u003c/td\u003e\u003ctd\u003e\u0026nbsp;V33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCompactLogix 5380\u003c/td\u003e\u003ctd\u003eV28.011\u003c/td\u003e\u003ctd\u003e\u0026nbsp;V33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCompact GuardLogix 5380 SIL 2\u003c/td\u003e\u003ctd\u003eV31.011\u003c/td\u003e\u003ctd\u003eV33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCompact GuardLogix 5380 SIL 3\u003c/td\u003e\u003ctd\u003eV32.013\u003c/td\u003e\u003ctd\u003eV33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eCompactLogix 5480\u003c/td\u003e\u003ctd\u003eV32.011\u003c/td\u003e\u003ctd\u003eV33.017, V34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eFactoryTalk\u00ae Logix Echo \u003c/td\u003e\u003ctd\u003eV33.011\u003c/td\u003e\u003ctd\u003eV34.014, V35.013, V36.011 and later\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\n\n\u003cbr\u003e" } ], "value": "AFFECTED PRODUCTS AND SOLUTION\n\nAffected Product\nFirst Known in firmware revisionCorrected in firmware revisionControlLogix\u00ae 5580V28.011V33.017, V34.014, V35.013, V36.011 and laterControlLogix\u00ae 5580 ProcessV33.011V33.017, V34.014, V35.013, V36.011 and laterGuardLogix 5580V31.011\u00a0V33.017, V34.014, V35.013, V36.011 and laterCompactLogix 5380V28.011\u00a0V33.017, V34.014, V35.013, V36.011 and laterCompact GuardLogix 5380 SIL 2V31.011V33.017, V34.014, V35.013, V36.011 and laterCompact GuardLogix 5380 SIL 3V32.013V33.017, V34.014, V35.013, V36.011 and laterCompactLogix 5480V32.011V33.017, V34.014, V35.013, V36.011 and laterFactoryTalk\u00ae Logix Echo V33.011V34.014, V35.013, V36.011 and later" } ], "source": { "discovery": "INTERNAL" }, "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "assignerShortName": "Rockwell", "cveId": "CVE-2024-6207", "datePublished": "2024-10-14T20:53:49.191Z", "dateReserved": "2024-06-20T16:08:17.052Z", "dateUpdated": "2024-10-15T14:43:19.768Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-6077
Vulnerability from cvelistv5
Published
2024-09-12 19:59
Modified
2024-09-12 21:01
Severity ?
EPSS score ?
Summary
Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Vulnerable to DoS vulnerability via CIP
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Rockwell Automation | CompactLogix 5380 |
Version: v.32 .011 |
||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil3_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "compactlogix_5480_firmware", "vendor": "rockwellautomation", "versions": [ { "lessThan": "33.017", "status": "affected", "version": "32 .011", "versionType": "custom" }, { "lessThan": "34.014", "status": "affected", "version": "34.0", "versionType": "custom" }, { "lessThan": "35.013", "status": "affected", "version": "35.0", "versionType": "custom" }, { "lessThan": "36.011", "status": "affected", "version": "36.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:*:*:*:*:*:*:*:*", "cpe:2.3:o:rockwellautomation:compactlogix_5380_process_firmware:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "compactlogix_5380_process_firmware", "vendor": "rockwellautomation", "versions": [ { "lessThan": "33.017", "status": "affected", "version": "33.011", "versionType": "custom" }, { "lessThan": "34.014", "status": "affected", "version": "34.0", "versionType": "custom" }, { "lessThan": "35.013", "status": "affected", "version": "35.0", "versionType": "custom" }, { "lessThan": "36.011", "status": "affected", "version": "36.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil2_firmware:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "compact_guardlogix_5380_sil2_firmware", "vendor": "rockwellautomation", "versions": [ { "lessThan": "33.017", "status": "affected", "version": "32.013", "versionType": "custom" }, { "lessThan": "34.014", "status": "affected", "version": "34.0", "versionType": "custom" }, { "lessThan": "35.013", "status": "affected", "version": "35.0", "versionType": "custom" }, { "lessThan": "36.011", "status": "affected", "version": "36.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:rockwellautomation:1756-en4_firmware:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "1756-en4_firmware", "vendor": "rockwellautomation", "versions": [ { "lessThan": "6.001", "status": "affected", "version": "2.001", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-6077", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-12T20:22:58.224200Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-12T21:01:50.254Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "CompactLogix 5380", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "v.32 .011" } ] }, { "defaultStatus": "unaffected", "product": "CompactLogix 5380 Process", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "v.33.011" } ] }, { "defaultStatus": "unaffected", "product": "Compact GuardLogix 5380 SIL 2", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "v.32.013" } ] }, { "defaultStatus": "unaffected", "product": "Compact GuardLogix 5380 SIL 3", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "v.32.011" } ] }, { "defaultStatus": "unaffected", "product": "CompactLogix 5480", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "v.32.011" } ] }, { "defaultStatus": "unaffected", "product": "ControlLogix\u00ae 5580", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "v.32.011" } ] }, { "defaultStatus": "unaffected", "product": "ControlLogix\u00ae 5580 Process", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "v.33.011" } ] }, { "defaultStatus": "unaffected", "product": "GuardLogix 5580", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "v.32.011" } ] }, { "defaultStatus": "unaffected", "product": "1756-EN4", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "v2.001" } ] } ], "datePublic": "2024-09-12T13:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover. \u003c/span\u003e" } ], "value": "A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover." } ], "impacts": [ { "capecId": "CAPEC-153", "descriptions": [ { "lang": "en", "value": "CAPEC-153 Input Data Manipulation" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-12T20:07:19.806Z", "orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell" }, "references": [ { "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1963.html" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eAffected Family \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eFirst Known in Software/Firmware Version\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCorrected in Software/Firmware Version\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5380\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32 .011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5380 Process \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.33.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompact GuardLogix 5380 SIL 2 \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32.013\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompact GuardLogix 5380 SIL 3 \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eCompactLogix 5480 \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eControlLogix\u00ae 5580 \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eControlLogix\u00ae 5580 Process \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.33.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003eGuardLogix 5580 \u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev.32.011\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev33.017, v34.014, v35.013, v36.011 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e1756-EN4\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev2.001\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003ev6.001 and later\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003e\u0026nbsp;\u003c/p\u003e\n\n\n\n\u003cp\u003eMitigations and Workarounds \u003cbr\u003eCustomers who are unable to upgrade to the corrected software versions are encouraged to apply the following risk mitigations. \u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eUsers who do not wish to use CIP security can disable the feature per device. See \"Disable CIP Security\" in Chapter 2 of \"CIP Security with Rockwell Automation Products\" (publication SECURE-AT001)\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor information on how to mitigate Security Risks on industrial automation control systems, we encourage customers to implement our suggested \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\"\u003esecurity best practices\u003c/a\u003e\u0026nbsp;to minimize the risk of the vulnerability. Customers can use \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc\"\u003eStakeholder-Specific Vulnerability Categorization\u003c/a\u003e\u0026nbsp;to generate more environment-specific prioritization.\u003c/p\u003e\n\n\u003cbr\u003e" } ], "value": "Affected Family \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nFirst Known in Software/Firmware Version\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCorrected in Software/Firmware Version\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5380\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32 .011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5380 Process \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.33.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompact GuardLogix 5380 SIL 2 \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32.013\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompact GuardLogix 5380 SIL 3 \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5480 \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nControlLogix\u00ae 5580 \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nControlLogix\u00ae 5580 Process \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.33.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nGuardLogix 5580 \n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv.32.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv33.017, v34.014, v35.013, v36.011 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n1756-EN4\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv2.001\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nv6.001 and later\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\n\n\n\nMitigations and Workarounds \nCustomers who are unable to upgrade to the corrected software versions are encouraged to apply the following risk mitigations. \n\n * Users who do not wish to use CIP security can disable the feature per device. See \"Disable CIP Security\" in Chapter 2 of \"CIP Security with Rockwell Automation Products\" (publication SECURE-AT001)\n\n\n\n\nFor information on how to mitigate Security Risks on industrial automation control systems, we encourage customers to implement our suggested security best practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight \u00a0to minimize the risk of the vulnerability. Customers can use Stakeholder-Specific Vulnerability Categorization https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc \u00a0to generate more environment-specific prioritization." } ], "source": { "advisory": "SD1963", "discovery": "INTERNAL" }, "title": "Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix\u00ae 5380 Vulnerable to DoS vulnerability via CIP", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "assignerShortName": "Rockwell", "cveId": "CVE-2024-6077", "datePublished": "2024-09-12T19:59:40.368Z", "dateReserved": "2024-06-17T16:21:32.155Z", "dateUpdated": "2024-09-12T21:01:50.254Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3752
Vulnerability from cvelistv5
Published
2022-12-19 22:23
Modified
2024-08-03 01:20
Severity ?
EPSS score ?
Summary
Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack
References
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Rockwell Automation | CompactLogix 5480 |
Version: 32.011 and later |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:20:57.729Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137664" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "CompactLogix 5480", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "32.011 and later" } ] }, { "defaultStatus": "unaffected", "product": "ControlLogix 5580 ", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "31.011 and later" } ] }, { "defaultStatus": "unaffected", "product": "GuardLogix 5580", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "31.011 and later" } ] }, { "defaultStatus": "unaffected", "product": "Compact GuardLogix 5380", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "31.011 and later" } ] }, { "defaultStatus": "unaffected", "product": "CompactLogix 5380", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "31.011 and later" } ] } ], "datePublic": "2022-12-13T15:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic \nloading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload \nthe user project file to bring the device back online and continue normal operation.\n\n\n" } ], "value": "An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic \nloading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload \nthe user project file to bring the device back online and continue normal operation.\n\n\n" } ], "impacts": [ { "capecId": "CAPEC-594", "descriptions": [ { "lang": "en", "value": "CAPEC-594 Traffic Injection" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-27T18:16:26.185Z", "orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell" }, "references": [ { "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137664" } ], "source": { "discovery": "UNKNOWN" }, "title": "Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "assignerShortName": "Rockwell", "cveId": "CVE-2022-3752", "datePublished": "2022-12-19T22:23:36.836Z", "dateReserved": "2022-10-28T20:53:01.640Z", "dateUpdated": "2024-08-03T01:20:57.729Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }