Vulnerabilities > CVE-2024-6207 - Unspecified vulnerability in Rockwellautomation products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

rockwellautomation

NVD

Published: 2024-10-14

Updated: 2024-10-21

Summary

CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running.

Vulnerable Configurations

Part	Description	Count
OS	Rockwellautomation Rockwellautomation Controllogix 5580 Firmware 28.011 Rockwellautomation Controllogix 5580 Firmware 32.013 Rockwellautomation Controllogix 5580 Firmware 33.011 Rockwellautomation Controllogix 5580 Firmware 34.011 Rockwellautomation Controllogix 5580 Firmware 35.011 Rockwellautomation Controllogix 5580 Process Firmware 33.011 Rockwellautomation Controllogix 5580 Process Firmware 34.011 Rockwellautomation Controllogix 5580 Process Firmware 35.011 Rockwellautomation Guardlogix 5580 Firmware 31.011 Rockwellautomation Guardlogix 5580 Firmware 32.011 Rockwellautomation Guardlogix 5580 Firmware 32.013 Rockwellautomation Guardlogix 5580 Firmware 33.011 Rockwellautomation Guardlogix 5580 Firmware 34.011 Rockwellautomation Guardlogix 5580 Firmware 35.011 Rockwellautomation Compactlogix 5380 Firmware 28.011 Rockwellautomation Compactlogix 5380 Firmware 31.011 Rockwellautomation Compactlogix 5380 Firmware 32.011 Rockwellautomation Compactlogix 5380 Firmware 32.013 Rockwellautomation Compactlogix 5380 Firmware 33.011 Rockwellautomation Compactlogix 5380 Firmware 34.011 Rockwellautomation Compactlogix 5380 Firmware 35.011 Rockwellautomation Compact Guardlogix 5380 SIL 2 Firmware 31.011 Rockwellautomation Compact Guardlogix 5380 SIL 2 Firmware 32.013 Rockwellautomation Compact Guardlogix 5380 SIL 2 Firmware 34.011 Rockwellautomation Compact Guardlogix 5380 SIL 2 Firmware 35.011 Rockwellautomation Compact Guardlogix 5380 SIL 3 Firmware 32.013 Rockwellautomation Compact Guardlogix 5380 SIL 3 Firmware 34.011 Rockwellautomation Compact Guardlogix 5380 SIL 3 Firmware 35.011 Rockwellautomation Compactlogix 5480 Firmware 32.011 Rockwellautomation Compactlogix 5480 Firmware 32.013 Rockwellautomation Compactlogix 5480 Firmware 33.011 Rockwellautomation Compactlogix 5480 Firmware 34.011 Rockwellautomation Compactlogix 5480 Firmware 35.011 Rockwellautomation Factorytalk Logix Echo Firmware 33.011 Rockwellautomation Factorytalk Logix Echo Firmware 35.011	35
Hardware	Rockwellautomation Rockwellautomation Controllogix 5580 - Rockwellautomation Controllogix 5580 Process - Rockwellautomation Guardlogix 5580 - Rockwellautomation Compactlogix 5380 - Rockwellautomation Compact Guardlogix 5380 SIL 2 - Rockwellautomation Compact Guardlogix 5380 SIL 3 - Rockwellautomation Compactlogix 5480 - Rockwellautomation Factorytalk Logix Echo -	8

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1707.html