Exploitable Vulnerability Could Prevent Access to Legitimate Users and End Connections to Connected Devices
CVE-2024-6207
7.5 HIGH
Key Information:
- Vendor: Rockwell Automation
- CVE Published: 14 October 2024
Summary
The vulnerability allows a threat actor to exploit a flaw in the processing of specially crafted CIP messages sent to Rockwell Automation Controllers. This can lead to unauthorized disruption of service, preventing legitimate users from gaining access and possibly severing connections to devices within the network, including workstations. Recovery from such an incident necessitates a download process, which forcibly halts any ongoing controller operations, impacting production and operational efficiency.
Affected Version(s)
Compact GuardLogix 5380 SIL 2 V31.011
Compact GuardLogix 5380 SIL 3 V32.013
CompactLogix 5380 V28.011
CVSS V3.1
- Score: 7.5
- Severity: HIGH
- Confidentiality: None
- Integrity: None
- Availability: None
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
Timeline
Vulnerability published