{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-5659", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2024-06-05T16:47:18.275Z", "datePublished": "2024-06-14T16:42:20.699Z", "dateUpdated": "2024-08-01T21:18:06.865Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ControlLogix\u00ae 5580", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "34.011"}]}, {"defaultStatus": "unaffected", "product": "GuardLogix 5580", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "34.011"}]}, {"defaultStatus": "unaffected", "product": "1756-EN4", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "4.001"}]}, {"defaultStatus": "unaffected", "product": "CompactLogix 5380", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "34.011"}]}, {"defaultStatus": "unaffected", "product": "Compact GuardLogix 5380", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "34.011"}]}, {"defaultStatus": "unaffected", "product": "CompactLogix 5480", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "34.011"}]}], "datePublic": "2024-06-13T13:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending </span><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">abnormal packets to the </a><a target=\"_blank\" rel=\"nofollow\">mDNS port.&nbsp;</a><span style=\"background-color: rgb(255, 255, 255);\">If exploited, the availability of the device would be compromised.</span>\n\n"}], "value": "Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port.\u00a0If exploited, the availability of the device would be compromised."}], "impacts": [{"capecId": "CAPEC-624", "descriptions": [{"lang": "en", "value": "CAPEC-624 Hardware Fault Injection"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "baseScore": 8.3, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-670", "description": "CWE-670 Always-Incorrect Control Flow Implementation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-06-14T16:42:20.699Z"}, "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<table><tbody><tr><td><p>Affected Product</p></td><td><p>First Known in firmware revision</p></td><td><p>Corrected in firmware revision</p></td></tr><tr><td><p>ControlLogix\u00ae 5580</p></td><td><p>V34.011</p></td><td><p>V34.014, V35.013, V36.011 and later</p></td></tr><tr><td><p>GuardLogix 5580</p></td><td><p>V34.011</p></td><td><p>V34.014, V35.013, V36.011 and later </p></td></tr><tr><td><p>1756-EN4</p></td><td><p>V4.001</p></td><td><p>V6.001 and later</p></td></tr><tr><td><p>CompactLogix 5380</p></td><td><p>V34.011</p></td><td><p>V34.014, V35.013, V36.011 and later </p></td></tr><tr><td><p><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">Compact GuardLogix </a><b>&nbsp;</b>5380</p></td><td><p>V34.011</p></td><td><p>V34.014, V35.013, V36.011 and later </p></td></tr><tr><td><p>CompactLogix 5480</p></td><td><p>V34.011</p></td><td><p>V34.014, V35.013, V36.011 and later</p></td></tr></tbody></table><br>\n\n<p><b>Mitigations and Workarounds</b></p><p>Users using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply the risk mitigations, where possible.</p><p>\u00b7 &nbsp; &nbsp; &nbsp; Users who do not use <a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">Automatic Policy Deployment (APD)</a>&nbsp;should block <a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">mDNS port, 5353</a>&nbsp;to help prevent communication.</p><p>\u00b7 &nbsp; &nbsp; &nbsp; Enable CIP <a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">Security. </a><a target=\"_blank\" rel=\"nofollow\" href=\"https://literature.rockwellautomation.com/idc/groups/literature/documents/at/secure-at001_-en-p.pdf\">CIP Security with Rockwell Automation Products Application Technique</a></p><p>\u00b7 &nbsp; &nbsp; &nbsp; <a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a></p>\n\n<br>"}], "value": "Affected Product\n\nFirst Known in firmware revision\n\nCorrected in firmware revision\n\nControlLogix\u00ae 5580\n\nV34.011\n\nV34.014, V35.013, V36.011 and later\n\nGuardLogix 5580\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\n1756-EN4\n\nV4.001\n\nV6.001 and later\n\nCompactLogix 5380\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\nCompact GuardLogix \u00a05380\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\nCompactLogix 5480\n\nV34.011\n\nV34.014, V35.013, V36.011 and later\n\n\n\n\nMitigations and Workarounds\n\nUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply the risk mitigations, where possible.\n\n\u00b7 \u00a0 \u00a0 \u00a0 Users who do not use CIP Security with Rockwell Automation Products Application Technique https://literature.rockwellautomation.com/idc/groups/literature/documents/at/secure-at001_-en-p.pdf \n\n\u00b7 \u00a0 \u00a0 \u00a0 Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"}], "source": {"discovery": "EXTERNAL"}, "title": "Rockwell Automation Multicast Request Causes major nonrecoverable fault on Select Controllers", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "rockwellautomation", "product": "controllogix_5580", "cpes": ["cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "34.011", "status": "affected"}]}, {"vendor": "rockwellautomation", "product": "guardlogix_5580", "cpes": ["cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "34.011", "status": "affected"}]}, {"vendor": "rockwellautomation", "product": "1756_en4", "cpes": ["cpe:2.3:a:rockwellautomation:1756_en4:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "4.001", "status": "affected"}]}, {"vendor": "rockwellautomation", "product": "compact_logix_5480", "cpes": ["cpe:2.3:a:rockwellautomation:compact_logix_5480:34.011:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "34.011", "status": "affected"}]}, {"vendor": "rockwellautomation", "product": "compact_guardlogix_5480", "cpes": ["cpe:2.3:a:rockwellautomation:compact_guardlogix_5480:34.011:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "34.011", "status": "affected"}]}, {"vendor": "rockwellautomation", "product": "compactlogix", "cpes": ["cpe:2.3:h:rockwellautomation:compactlogix:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5480", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-15T19:57:53.882617Z", "id": "CVE-2024-5659", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-15T20:23:20.243Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:18:06.865Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:18:06.865Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-5659", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-15T19:57:53.882617Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "controllogix_5580", "versions": [{"status": "affected", "version": "34.011"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "guardlogix_5580", "versions": [{"status": "affected", "version": "34.011"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:rockwellautomation:1756_en4:0:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "1756_en4", "versions": [{"status": "affected", "version": "4.001"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:rockwellautomation:compact_logix_5480:34.011:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "compact_logix_5480", "versions": [{"status": "affected", "version": "34.011"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:rockwellautomation:compact_guardlogix_5480:34.011:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "compact_guardlogix_5480", "versions": [{"status": "affected", "version": "34.011"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:rockwellautomation:compactlogix:*:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "compactlogix", "versions": [{"status": "affected", "version": "5480"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-15T20:01:15.688Z"}}], "cna": {"title": "Rockwell Automation Multicast Request Causes major nonrecoverable fault on Select Controllers", "source": {"discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-624", "descriptions": [{"lang": "en", "value": "CAPEC-624 Hardware Fault Injection"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.3, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Rockwell Automation", "product": "ControlLogix\u00ae 5580", "versions": [{"status": "affected", "version": "34.011"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "GuardLogix 5580", "versions": [{"status": "affected", "version": "34.011"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "1756-EN4", "versions": [{"status": "affected", "version": "4.001"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "CompactLogix 5380", "versions": [{"status": "affected", "version": "34.011"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "Compact GuardLogix 5380", "versions": [{"status": "affected", "version": "34.011"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "CompactLogix 5480", "versions": [{"status": "affected", "version": "34.011"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Affected Product\n\nFirst Known in firmware revision\n\nCorrected in firmware revision\n\nControlLogix\u00ae 5580\n\nV34.011\n\nV34.014, V35.013, V36.011 and later\n\nGuardLogix 5580\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\n1756-EN4\n\nV4.001\n\nV6.001 and later\n\nCompactLogix 5380\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\nCompact GuardLogix \u00a05380\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\nCompactLogix 5480\n\nV34.011\n\nV34.014, V35.013, V36.011 and later\n\n\n\n\nMitigations and Workarounds\n\nUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply the risk mitigations, where possible.\n\n\u00b7 \u00a0 \u00a0 \u00a0 Users who do not use CIP Security with Rockwell Automation Products Application Technique https://literature.rockwellautomation.com/idc/groups/literature/documents/at/secure-at001_-en-p.pdf \n\n\u00b7 \u00a0 \u00a0 \u00a0 Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight", "supportingMedia": [{"type": "text/html", "value": "\n\n<table><tbody><tr><td><p>Affected Product</p></td><td><p>First Known in firmware revision</p></td><td><p>Corrected in firmware revision</p></td></tr><tr><td><p>ControlLogix\u00ae 5580</p></td><td><p>V34.011</p></td><td><p>V34.014, V35.013, V36.011 and later</p></td></tr><tr><td><p>GuardLogix 5580</p></td><td><p>V34.011</p></td><td><p>V34.014, V35.013, V36.011 and later </p></td></tr><tr><td><p>1756-EN4</p></td><td><p>V4.001</p></td><td><p>V6.001 and later</p></td></tr><tr><td><p>CompactLogix 5380</p></td><td><p>V34.011</p></td><td><p>V34.014, V35.013, V36.011 and later </p></td></tr><tr><td><p><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">Compact GuardLogix </a><b>&nbsp;</b>5380</p></td><td><p>V34.011</p></td><td><p>V34.014, V35.013, V36.011 and later </p></td></tr><tr><td><p>CompactLogix 5480</p></td><td><p>V34.011</p></td><td><p>V34.014, V35.013, V36.011 and later</p></td></tr></tbody></table><br>\n\n<p><b>Mitigations and Workarounds</b></p><p>Users using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply the risk mitigations, where possible.</p><p>\u00b7 &nbsp; &nbsp; &nbsp; Users who do not use <a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">Automatic Policy Deployment (APD)</a>&nbsp;should block <a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">mDNS port, 5353</a>&nbsp;to help prevent communication.</p><p>\u00b7 &nbsp; &nbsp; &nbsp; Enable CIP <a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">Security. </a><a target=\"_blank\" rel=\"nofollow\" href=\"https://literature.rockwellautomation.com/idc/groups/literature/documents/at/secure-at001_-en-p.pdf\">CIP Security with Rockwell Automation Products Application Technique</a></p><p>\u00b7 &nbsp; &nbsp; &nbsp; <a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a></p>\n\n<br>", "base64": false}]}], "datePublic": "2024-06-13T13:00:00.000Z", "references": [{"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port.\u00a0If exploited, the availability of the device would be compromised.", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending </span><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">abnormal packets to the </a><a target=\"_blank\" rel=\"nofollow\">mDNS port.&nbsp;</a><span style=\"background-color: rgb(255, 255, 255);\">If exploited, the availability of the device would be compromised.</span>\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-670", "description": "CWE-670 Always-Incorrect Control Flow Implementation"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-06-14T16:42:20.699Z"}}}, "cveMetadata": {"cveId": "CVE-2024-5659", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:18:06.865Z", "dateReserved": "2024-06-05T16:47:18.275Z", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "datePublished": "2024-06-14T16:42:20.699Z", "assignerShortName": "Rockwell"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port.\u00a0If exploited, the availability of the device would be compromised."}, {"lang": "es", "value": "Rockwell Automation fue informado de una vulnerabilidad que hace que todos los controladores afectados en la misma red produzcan una falla importante no recuperable (MNRF/Assert). Esta vulnerabilidad podr\u00eda explotarse enviando paquetes anormales al puerto mDNS. Si se explota, la disponibilidad del dispositivo se ver\u00eda comprometida."}], "id": "CVE-2024-5659", "lastModified": "2024-11-21T09:48:06.543", "metrics": {"cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "NONE"}, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}, "published": "2024-06-14T17:15:51.600", "references": [{"source": "PSIRT@rockwellautomation.com", "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-670"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}

{}

{}