Vulnerabilities > CVE-2024-5659 - Unspecified vulnerability in Rockwellautomation products

CVSS 6.5 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

low complexity

rockwellautomation

NVD

Published: 2024-06-14

Updated: 2025-03-03

Summary

Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device would be compromised.

Vulnerable Configurations

Part	Description	Count
OS	Rockwellautomation Rockwellautomation Controllogix 5580 Firmware 34.011 Rockwellautomation Guardlogix 5580 Firmware 34.011 Rockwellautomation 1756 EN4 Firmware 4.001 Rockwellautomation Compactlogix 5380 Firmware 34.011 Rockwellautomation Compact Guardlogix 5380 Firmware 34.011 Rockwellautomation Compactlogix 5480 Firmware 34.011	6
Hardware	Rockwellautomation Rockwellautomation Controllogix 5580 - Rockwellautomation Guardlogix 5580 - Rockwellautomation 1756 EN4 - Rockwellautomation Compactlogix 5380 - Rockwellautomation Compact Guardlogix 5380 - Rockwellautomation Compactlogix 5480 -	6

Summary

Vulnerable Configurations

References