Metrics
Affected Vendors & Products
Solution
Affected Family First Known in Software/Firmware Version Corrected in Software/Firmware Version CompactLogix 5380 v.32 .011 v33.017, v34.014, v35.013, v36.011 and later CompactLogix 5380 Process v.33.011 v33.017, v34.014, v35.013, v36.011 and later Compact GuardLogix 5380 SIL 2 v.32.013 v33.017, v34.014, v35.013, v36.011 and later Compact GuardLogix 5380 SIL 3 v.32.011 v33.017, v34.014, v35.013, v36.011 and later CompactLogix 5480 v.32.011 v33.017, v34.014, v35.013, v36.011 and later ControlLogix® 5580 v.32.011 v33.017, v34.014, v35.013, v36.011 and later ControlLogix® 5580 Process v.33.011 v33.017, v34.014, v35.013, v36.011 and later GuardLogix 5580 v.32.011 v33.017, v34.014, v35.013, v36.011 and later 1756-EN4 v2.001 v6.001 and later Mitigations and Workarounds Customers who are unable to upgrade to the corrected software versions are encouraged to apply the following risk mitigations. * Users who do not wish to use CIP security can disable the feature per device. See "Disable CIP Security" in Chapter 2 of "CIP Security with Rockwell Automation Products" (publication SECURE-AT001) For information on how to mitigate Security Risks on industrial automation control systems, we encourage customers to implement our suggested security best practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight to minimize the risk of the vulnerability. Customers can use Stakeholder-Specific Vulnerability Categorization https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc to generate more environment-specific prioritization.
Workaround
No workaround given by the vendor.
Thu, 19 Sep 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Rockwellautomation 1756-en4
Rockwellautomation compact Guardlogix 5380 Sil 2 Rockwellautomation compact Guardlogix 5380 Sil 2 Firmware Rockwellautomation compact Guardlogix 5380 Sil 3 Rockwellautomation compact Guardlogix 5380 Sil 3 Firmware Rockwellautomation compactlogix 5380 Rockwellautomation compactlogix 5480 Rockwellautomation controllogix 5580 Rockwellautomation guardlogix 5580 |
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:h:rockwellautomation:1756-en4:-:*:*:*:*:*:*:* cpe:2.3:h:rockwellautomation:compact_guardlogix_5380_sil_2:-:*:*:*:*:*:*:* cpe:2.3:h:rockwellautomation:compact_guardlogix_5380_sil_3:-:*:*:*:*:*:*:* cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:* cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:* cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:* cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:1756-en4_firmware:2.001:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_2_firmware:32.013:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil_3_firmware:32.011:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:32.011:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:32.011:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:33.011:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:32.011:*:*:*:*:*:*:* |
|
Vendors & Products |
Rockwellautomation 1756-en4
Rockwellautomation compact Guardlogix 5380 Sil 2 Rockwellautomation compact Guardlogix 5380 Sil 2 Firmware Rockwellautomation compact Guardlogix 5380 Sil 3 Rockwellautomation compact Guardlogix 5380 Sil 3 Firmware Rockwellautomation compactlogix 5380 Rockwellautomation compactlogix 5480 Rockwellautomation controllogix 5580 Rockwellautomation guardlogix 5580 |
|
Metrics |
cvssV3_1
|
Thu, 12 Sep 2024 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Rockwellautomation
Rockwellautomation 1756-en4 Firmware Rockwellautomation compact Guardlogix 5380 Sil2 Firmware Rockwellautomation compact Guardlogix 5380 Sil3 Firmware Rockwellautomation compactlogix 5380 Firmware Rockwellautomation compactlogix 5380 Process Firmware Rockwellautomation compactlogix 5480 Firmware Rockwellautomation controllogix 5580 Firmware Rockwellautomation controllogix 5580 Process Firmware Rockwellautomation guardlogix 5580 Firmware |
|
CPEs | cpe:2.3:o:rockwellautomation:1756-en4_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_sil3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:compactlogix_5380_process_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:controllogix_5580_process_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Rockwellautomation
Rockwellautomation 1756-en4 Firmware Rockwellautomation compact Guardlogix 5380 Sil2 Firmware Rockwellautomation compact Guardlogix 5380 Sil3 Firmware Rockwellautomation compactlogix 5380 Firmware Rockwellautomation compactlogix 5380 Process Firmware Rockwellautomation compactlogix 5480 Firmware Rockwellautomation controllogix 5580 Firmware Rockwellautomation controllogix 5580 Process Firmware Rockwellautomation guardlogix 5580 Firmware |
|
Metrics |
ssvc
|
Thu, 12 Sep 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover. | |
Title | Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Vulnerable to DoS vulnerability via CIP | |
Weaknesses | CWE-20 | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: Rockwell
Published:
Updated: 2024-09-12T21:01:50.254Z
Reserved: 2024-06-17T16:21:32.155Z
Link: CVE-2024-6077

Updated: 2024-09-12T20:31:09.370Z

Status : Analyzed
Published: 2024-09-12T20:15:05.440
Modified: 2024-09-19T14:31:18.463
Link: CVE-2024-6077

No data.

No data.