Vulnerabilities > CVE-2024-6077 - Unspecified vulnerability in Rockwellautomation products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

rockwellautomation

NVD

Published: 2024-09-12

Updated: 2024-09-19

Summary

A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover.

Vulnerable Configurations

Part	Description	Count
OS	Rockwellautomation Rockwellautomation Compactlogix 5380 Firmware 32.011 Rockwellautomation Compact Guardlogix 5380 SIL 2 Firmware 32.013 Rockwellautomation Compact Guardlogix 5380 SIL 3 Firmware 32.011 Rockwellautomation Compactlogix 5480 Firmware 32.011 Rockwellautomation Controllogix 5580 Firmware 33.011 Rockwellautomation Guardlogix 5580 Firmware 32.011 Rockwellautomation 1756 EN4 Firmware 2.001	7
Hardware	Rockwellautomation Rockwellautomation Compactlogix 5380 - Rockwellautomation Compact Guardlogix 5380 SIL 2 - Rockwellautomation Compact Guardlogix 5380 SIL 3 - Rockwellautomation Compactlogix 5480 - Rockwellautomation Controllogix 5580 - Rockwellautomation Guardlogix 5580 - Rockwellautomation 1756 EN4 -	7

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1963.html