Vulnerabilities > CVE-2024-40619 - Improper Check for Unusual or Exceptional Conditions vulnerability in Rockwellautomation products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

rockwellautomation

CWE-754

NVD

Published: 2024-08-14

Updated: 2025-01-31

Summary

CVE-2024-40619 IMPACT A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service.

Vulnerable Configurations

Part	Description	Count
OS	Rockwellautomation Rockwellautomation Controllogix 5580 Firmware 34.011 Rockwellautomation Guardlogix 5580 Firmware 34.011	2
Hardware	Rockwellautomation Rockwellautomation Controllogix 5580 - Rockwellautomation Guardlogix 5580 -	2

Common Weakness Enumeration (CWE)

CWE-754 - Improper Check for Unusual or Exceptional Conditions

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201690.html