Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-21916

A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault (MNRF). The device will restart itself to recover from the MNRF.

Published

2024-01-31T19:15:08.427

Last Modified

2024-11-21T08:55:16.243

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.6 (HIGH)

Weaknesses

Type: Secondary
CWE-119
Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	rockwellautomation	controllogix_5570_controller_firmware	20.011	Yes
Hardware	rockwellautomation	controllogix_5570_controller	-	No
Operating System	rockwellautomation	guardlogix_5570_controller_firmware	20.011	Yes
Hardware	rockwellautomation	guardlogix_5570_controller	-	No
Operating System	rockwellautomation	controllogix_5570_redundant_controller_firmware	20.054_kit1	Yes
Hardware	rockwellautomation	controllogix_5570_redundant_controller	-	No

References

https://www.rockwellautomation.com/en-us/support/advisory.SD1661.html Vendor Advisory ([email protected])
https://www.rockwellautomation.com/en-us/support/advisory.SD1661.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)