A denial-of-service vulnerability exists in the affected Rockwell Automation products when specially crafted packets are sent to the CIP Security Object. If exploited, the device will become unavailable and require a factory reset to recover.
Fixes

Solution

| Affected Family | First Known in Software/Firmware Version | Corrected in Software/Firmware Version |
|---|---|---|
| CompactLogix 5380 | v.32.011 | v33.017, v34.014, v35.013, v36.011 and later |
| CompactLogix 5380 Process | v.33.011 | v33.017, v34.014, v35.013, v36.011 and later |
| Compact GuardLogix 5380 SIL 2 | v.32.013 | v33.017, v34.014, v35.013, v36.011 and later |
| Compact GuardLogix 5380 SIL 3 | v.32.011 | v33.017, v34.014, v35.013, v36.011 and later |
| CompactLogix 5480 | v.32.011 | v33.017, v34.014, v35.013, v36.011 and later |
| ControlLogix® 5580 | v.32.011 | v33.017, v34.014, v35.013, v36.011 and later |
| ControlLogix® 5580 Process | v.33.011 | v33.017, v34.014, v35.013, v36.011 and later |
| GuardLogix 5580 | v.32.011 | v33.017, v34.014, v35.013, v36.011 and later |
| 1756-EN4 | v2.001 | v6.001 and later |

Mitigations and Workarounds

Customers who are unable to upgrade to the corrected software versions are encouraged to apply the following risk mitigations.

* Users who do not wish to use CIP Security can disable the feature per device. See "Disable CIP Security" in Chapter 2 of "CIP Security with Rockwell Automation Products" (publication SECURE-AT001).

For information on how to mitigate security risks on industrial automation control systems, we encourage customers to implement our suggested security best practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight to minimize the risk of the vulnerability. Customers can use Stakeholder-Specific Vulnerability Categorization https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc to generate more environment-specific prioritization.


Workaround

No workaround given by the vendor.

History

Thu, 19 Sep 2024 15:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Rockwellautomation 1756-en4 |
| | | Rockwellautomation compact Guardlogix 5380 Sil 2 |
| | | Rockwellautomation compact Guardlogix 5380 Sil 2 Firmware |
| | | Rockwellautomation compact Guardlogix 5380 Sil 3 |
| | | Rockwellautomation compact Guardlogix 5380 Sil 3 Firmware |
| | | Rockwellautomation compactlogix 5380 |
| | | Rockwellautomation compactlogix 5480 |
| | | Rockwellautomation controllogix 5580 |
| | | Rockwellautomation guardlogix 5580 |
| Weaknesses | | NVD-CWE-noinfo |
| CPEs | | cpe:2.3:h:rockwellautomation:1756-en4:-:*:*:*:*:*:*:* |
| | | cpe:2.3:h:rockwellautomation:compact_guardlogix_5380_sil_2:-:*:*:*:*:*:*:* |
| | | cpe:2.3:h:rockwellautomation:compact_guardlogix_5380_sil_3:-:*:*:*:*:*:*:* |
| | | cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:* |
| | | cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:* |
| | | cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:* |
| | | cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:* |
| | | cpe:2.3:o:rockwellautomation:1756-en4_firmware:2.001:*:*:*:*:*:*:* |
| | | cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_2_firmware:32.013:*:*:*:*:*:*:* |
| | | cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_3_firmware:32.011:*:*:*:*:*:*:* |
| | | cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:32.011:*:*:*:*:*:*:* |
| | | cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:32.011:*:*:*:*:*:*:* |
| | | cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:33.011:*:*:*:*:*:*:* |
| | | cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:32.011:*:*:*:*:*:*:* |
| Vendors & Products | | Rockwellautomation 1756-en4 |
| | | Rockwellautomation compact Guardlogix 5380 Sil 2 |
| | | Rockwellautomation compact Guardlogix 5380 Sil 2 Firmware |
| | | Rockwellautomation compact Guardlogix 5380 Sil 3 |
| | | Rockwellautomation compact Guardlogix 5380 Sil 3 Firmware |
| | | Rockwellautomation compactlogix 5380 |
| | | Rockwellautomation compactlogix 5480 |
| | | Rockwellautomation controllogix 5580 |
| | | Rockwellautomation guardlogix 5580 |
| Metrics | | cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'} |


Thu, 12 Sep 2024 21:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Rockwellautomation |
| | | Rockwellautomation 1756-en4 Firmware |
| | | Rockwellautomation compact Guardlogix 5380 Sil2 Firmware |
| | | Rockwellautomation compact Guardlogix 5380 Sil3 Firmware |
| | | Rockwellautomation compactlogix 5380 Firmware |
| | | Rockwellautomation compactlogix 5380 Process Firmware |
| | | Rockwellautomation compactlogix 5480 Firmware |
| | | Rockwellautomation controllogix 5580 Firmware |
| | | Rockwellautomation controllogix 5580 Process Firmware |
| | | Rockwellautomation guardlogix 5580 Firmware |
| CPEs | | cpe:2.3:o:rockwellautomation:1756-en4_firmware:*:*:*:*:*:*:*:* |
| | | cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil2_firmware:*:*:*:*:*:*:*:* |
| | | cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil3_firmware:*:*:*:*:*:*:*:* |
| | | cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:* |
| | | cpe:2.3:o:rockwellautomation:compactlogix_5380_process_firmware:*:*:*:*:*:*:*:* |
| | | cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:* |
| | | cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:* |
| | | cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:*:*:*:*:*:*:*:* |
| | | cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:* |
| Vendors & Products | | Rockwellautomation |
| | | Rockwellautomation 1756-en4 Firmware |
| | | Rockwellautomation compact Guardlogix 5380 Sil2 Firmware |
| | | Rockwellautomation compact Guardlogix 5380 Sil3 Firmware |
| | | Rockwellautomation compactlogix 5380 Firmware |
| | | Rockwellautomation compactlogix 5380 Process Firmware |
| | | Rockwellautomation compactlogix 5480 Firmware |
| | | Rockwellautomation controllogix 5580 Firmware |
| | | Rockwellautomation controllogix 5580 Process Firmware |
| | | Rockwellautomation guardlogix 5580 Firmware |
| Metrics | | ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |


Thu, 12 Sep 2024 20:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover. |
| Title | | Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Vulnerable to DoS vulnerability via CIP |
| Weaknesses | | CWE-20 |
| References | | |
| Metrics | | cvssV4_0 {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'} |


MITRE

Status: PUBLISHED

Assigner: Rockwell

Published:

Updated: 2024-09-12T21:01:50.254Z

Reserved: 2024-06-17T16:21:32.155Z

Link: CVE-2024-6077

Vulnrichment

Updated: 2024-09-12T20:31:09.370Z

NVD

Status: Analyzed

Published: 2024-09-12T20:15:05.440

Modified: 2024-09-19T14:31:18.463

Link: CVE-2024-6077

Redhat

No data.

OpenCVE Enrichment

No data.