An unauthorized user could use a specially crafted sequence of EtherNet/IP messages, combined with heavy traffic loading, to cause a denial-of-service condition in Rockwell Automation Logix controllers, resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online and continue normal operation.
2022-12-19T23:15:10.660
2024-11-21T07:20:10.707
Modified
CVSSv3.1: 8.6 (HIGH)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | rockwellautomation | compactlogix_5480_firmware | ≥ 32.011 | Yes |
Hardware | rockwellautomation | compactlogix_5480 | - | No |
Operating System | rockwellautomation | compactlogix_5580_firmware | ≥ 31.011 | Yes |
Hardware | rockwellautomation | compactlogix_5580 | - | No |
Operating System | rockwellautomation | guardlogix_5580_firmware | ≥ 32.011 | Yes |
Hardware | rockwellautomation | guardlogix_5580 | - | No |
Operating System | rockwellautomation | compact_guardlogix_5380_firmware | ≥ 31.011 | Yes |
Hardware | rockwellautomation | compact_guardlogix_5380 | - | No |
Operating System | rockwellautomation | compactlogix_5380_firmware | ≥ 31.011 | Yes |
Hardware | rockwellautomation | compactlogix_5380 | - | No |