Rockwell Automation ControlLogix and GuardLogix

View CSAF

1. EXECUTIVE SUMMARY

  • CVSS v4 9.2
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Rockwell Automation
  • Equipment: ControlLogix 5580, GuardLogix 5580, CompactLogix 5380, 1756-EN4TR
  • Vulnerability: Improper Input Validation

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to cause a major nonrecoverable fault (MNRF) resulting in the product to become unavailable.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following versions of Rockwell Automation ControlLogix and GuardLogix, programmable logic controllers, are affected:

  • ControlLogix 5580: Version V35.011
  • GuardLogix 5580: Version V35.011
  • CompactLogix 5380: Version V35.011
  • 1756-EN4TR: Version V5.001

3.2 Vulnerability Overview

3.2.1 IMPROPER INPUT VALIDATION CWE-20

A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF). If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, a MNRF could result in a loss of view and/or control of connected devices.

CVE-2024-3493 has been assigned to this vulnerability. A CVSS v3.1 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).

A CVSS v4 score has also been calculated for CVE-2024-3493. A base score of 9.2 has been calculated; the CVSS vector string is (This article has been indexed from All CISA Advisories

Read the original article:

Rockwell Automation ControlLogix and GuardLogix