Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-6077

A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover.

Published

2024-09-12T20:15:05.440

Last Modified

2024-09-19T14:31:18.463

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-20
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	rockwellautomation	compactlogix_5380_firmware	32.011	Yes
Hardware	rockwellautomation	compactlogix_5380	-	No
Operating System	rockwellautomation	compact_guardlogix_5380_sil_2_firmware	32.013	Yes
Hardware	rockwellautomation	compact_guardlogix_5380_sil_2	-	No
Operating System	rockwellautomation	compact_guardlogix_5380_sil_3_firmware	32.011	Yes
Hardware	rockwellautomation	compact_guardlogix_5380_sil_3	-	No
Operating System	rockwellautomation	compactlogix_5480_firmware	32.011	Yes
Hardware	rockwellautomation	compactlogix_5480	-	No
Operating System	rockwellautomation	controllogix_5580_firmware	33.011	Yes
Hardware	rockwellautomation	controllogix_5580	-	No
Operating System	rockwellautomation	guardlogix_5580_firmware	32.011	Yes
Hardware	rockwellautomation	guardlogix_5580	-	No
Operating System	rockwellautomation	1756-en4_firmware	2.001	Yes
Hardware	rockwellautomation	1756-en4	-	No

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1963.html Vendor Advisory ([email protected])