OpenCVE

A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: Rockwell

Published: 2024-04-15T21:17:36.077Z

Updated: 2024-08-12T15:16:08.155Z

Reserved: 2024-04-08T21:46:38.867Z

Link: CVE-2024-3493

Vulnrichment

Updated: 2024-08-01T20:12:07.675Z

NVD

Status : Awaiting Analysis

Published: 2024-04-15T22:15:09.073

Modified: 2024-11-21T09:29:43.297

Link: CVE-2024-3493

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-3493", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2024-04-08T21:46:38.867Z", "datePublished": "2024-04-15T21:17:36.077Z", "dateUpdated": "2024-08-12T15:16:08.155Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ControlLogix 5580", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "v35.011"}]}, {"defaultStatus": "unaffected", "product": "GuardLogix 5580", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "v35.011"}]}, {"defaultStatus": "unaffected", "product": "CompactLogix 5380", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "v5.001"}]}, {"defaultStatus": "unaffected", "product": "1756-EN4TR", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "v5.001"}]}], "datePublic": "2024-04-12T01:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices. </span>\n\n"}], "value": "\nA specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix\u00a05580,\u00a0CompactLogix 5380,\u00a0and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices. \n\n"}], "impacts": [{"capecId": "CAPEC-137", "descriptions": [{"lang": "en", "value": "CAPEC-137 Parameter Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-04-15T21:29:33.269Z"}, "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p>\n\n</p><table><tbody><tr><td><p><br>Affected Product</p><p> </p><p> </p></td><td><p> </p><p> </p><p>First Known in Firmware Revision</p><p> </p><p> </p></td><td><p> </p><p> </p><p>Corrected in Firmware Revision</p><p> </p><p> </p></td></tr><tr><td><p> </p><p> </p><p>ControlLogix\u00ae 5580</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.011</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.013, V36.011</p><p> </p><p> </p></td></tr><tr><td><p> </p><p> </p><p>GuardLogix 5580</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.011</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.013, V36.011</p><p> </p><p> </p></td></tr><tr><td><p> </p><p> </p><p>CompactLogix 5380</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.011</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.013, V36.011</p><p> </p><p> </p></td></tr><tr><td><p> </p><p> </p><p>1756-EN4TR</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V5.001</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V6.001</p><p> </p><p> </p></td></tr></tbody></table>\n\n<br><br><p></p><p>Users using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.\u202f\u202f</p><ul><li><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a> </p></li></ul>\n\n<br>"}], "value": "\nAffected Product\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nFirst Known in Firmware Revision\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCorrected in Firmware Revision\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nControlLogix\u00ae 5580\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.013, V36.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nGuardLogix 5580\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.013, V36.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5380\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.013, V36.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n1756-EN4TR\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV5.001\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV6.001\n\n\u00a0\n\n\u00a0\n\nUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.\u202f\u202f\n\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight \u00a0\n\n"}], "source": {"discovery": "INTERNAL"}, "title": "Rockwell Automation ControlLogix and GaurdLogix Vulnerable to Major Nonrecoverable Fault Due to Invalid Header Value", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:12:07.675Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "rockwellautomation", "product": "guardlogix_5580_firmware", "cpes": ["cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:35.011:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "35.011", "status": "affected"}]}, {"vendor": "rockwellautomation", "product": "compactlogix_5380_firmware", "cpes": ["cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:5.001:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "35.011", "status": "affected"}]}, {"vendor": "rockwellautomation", "product": "1756-en4tr_firmware", "cpes": ["cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:5.001:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.001", "status": "affected"}]}, {"vendor": "rockwellautomation", "product": "1756-en4tr_firmware", "cpes": ["cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:5.001:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.001", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-12T15:09:28.736089Z", "id": "CVE-2024-3493", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-12T15:16:08.155Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:12:07.675Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-3493", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-12T15:09:28.736089Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:35.011:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "guardlogix_5580_firmware", "versions": [{"status": "affected", "version": "35.011"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:5.001:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "compactlogix_5380_firmware", "versions": [{"status": "affected", "version": "35.011"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:5.001:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "1756-en4tr_firmware", "versions": [{"status": "affected", "version": "5.001"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:5.001:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "1756-en4tr_firmware", "versions": [{"status": "affected", "version": "5.001"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-12T15:15:42.341Z"}}], "cna": {"title": "Rockwell Automation ControlLogix and GaurdLogix Vulnerable to Major Nonrecoverable Fault Due to Invalid Header Value", "source": {"discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-137", "descriptions": [{"lang": "en", "value": "CAPEC-137 Parameter Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Rockwell Automation", "product": "ControlLogix 5580", "versions": [{"status": "affected", "version": "v35.011"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "GuardLogix 5580", "versions": [{"status": "affected", "version": "v35.011"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "CompactLogix 5380", "versions": [{"status": "affected", "version": "v5.001"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "1756-EN4TR", "versions": [{"status": "affected", "version": "v5.001"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "\nAffected Product\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nFirst Known in Firmware Revision\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCorrected in Firmware Revision\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nControlLogix\u00ae 5580\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.013, V36.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nGuardLogix 5580\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.013, V36.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nCompactLogix 5380\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV35.013, V36.011\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n1756-EN4TR\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV5.001\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\n\u00a0\n\nV6.001\n\n\u00a0\n\n\u00a0\n\nUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.\u202f\u202f\n\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight \u00a0\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<p>\n\n</p><table><tbody><tr><td><p><br>Affected Product</p><p> </p><p> </p></td><td><p> </p><p> </p><p>First Known in Firmware Revision</p><p> </p><p> </p></td><td><p> </p><p> </p><p>Corrected in Firmware Revision</p><p> </p><p> </p></td></tr><tr><td><p> </p><p> </p><p>ControlLogix\u00ae 5580</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.011</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.013, V36.011</p><p> </p><p> </p></td></tr><tr><td><p> </p><p> </p><p>GuardLogix 5580</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.011</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.013, V36.011</p><p> </p><p> </p></td></tr><tr><td><p> </p><p> </p><p>CompactLogix 5380</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.011</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V35.013, V36.011</p><p> </p><p> </p></td></tr><tr><td><p> </p><p> </p><p>1756-EN4TR</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V5.001</p><p> </p><p> </p></td><td><p> </p><p> </p><p>V6.001</p><p> </p><p> </p></td></tr></tbody></table>\n\n<br><br><p></p><p>Users using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.\u202f\u202f</p><ul><li><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a> </p></li></ul>\n\n<br>", "base64": false}]}], "datePublic": "2024-04-12T01:00:00.000Z", "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\nA specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix\u00a05580,\u00a0CompactLogix 5380,\u00a0and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices. \n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices. </span>\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-04-15T21:29:33.269Z"}}}, "cveMetadata": {"cveId": "CVE-2024-3493", "state": "PUBLISHED", "dateUpdated": "2024-08-12T15:16:08.155Z", "dateReserved": "2024-04-08T21:46:38.867Z", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "datePublished": "2024-04-15T21:17:36.077Z", "assignerShortName": "Rockwell"}, "dataVersion": "5.1"}