Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-3493

A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices.

Published

2024-04-15T22:15:09.073

Last Modified

2025-03-04T17:43:27.223

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.6 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-20
  • Type: Primary
    NVD-CWE-noinfo
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System rockwellautomation controllogix_5580_firmware 35.011 Yes
Hardware rockwellautomation controllogix_5580 - No
Operating System rockwellautomation guardlogix_5580_firmware 35.011 Yes
Hardware rockwellautomation guardlogix_5580 - No
Operating System rockwellautomation compactlogix_5380_firmware 35.011 Yes
Hardware rockwellautomation compactlogix_5380 - No
Operating System rockwellautomation compact_guardlogix_5380_firmware 35.011 Yes
Hardware rockwellautomation compact_guardlogix_5380 - No
Operating System rockwellautomation 1756-en4tr_firmware 5.001 Yes
Hardware rockwellautomation 1756-en4tr - No
Operating System rockwellautomation controllogix_5580_process_firmware 35.011 Yes
Hardware rockwellautomation controllogix_5580_process - No
Operating System rockwellautomation compactlogix_5380_process_firmware 35.011 Yes
Hardware rockwellautomation compactlogix_5380_process - No
Operating System rockwellautomation compactlogix_5480_firmware 35.011 Yes
Hardware rockwellautomation compactlogix_5480 - No
References