Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-7507

CVE-2024-7507 IMPACT A denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received, causing a fault in the controller.

Published

2024-08-14T20:15:12.900

Last Modified

2025-03-04T17:45:08.957

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-20
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	rockwellautomation	compactlogix_5380_firmware	< 34.014	Yes
Operating System	rockwellautomation	compactlogix_5380_firmware	35.011	Yes
Hardware	rockwellautomation	compactlogix_5380	-	No
Operating System	rockwellautomation	controllogix_5580_firmware	< 34.014	Yes
Operating System	rockwellautomation	controllogix_5580_firmware	35.011	Yes
Hardware	rockwellautomation	controllogix_5580	-	No
Operating System	rockwellautomation	guardlogix_5580_firmware	< 34.014	Yes
Operating System	rockwellautomation	guardlogix_5580_firmware	35.011	Yes
Hardware	rockwellautomation	guardlogix_5580	-	No
Operating System	rockwellautomation	compact_guardlogix_5380_sil_2_firmware	< 34.014	Yes
Operating System	rockwellautomation	compact_guardlogix_5380_sil_2_firmware	35.011	Yes
Hardware	rockwellautomation	compact_guardlogix_5380_sil_2	-	No
Operating System	rockwellautomation	compact_guardlogix_5380_sil_3_firmware	< 34.014	Yes
Operating System	rockwellautomation	compact_guardlogix_5380_sil_3_firmware	35.011	Yes
Hardware	rockwellautomation	compact_guardlogix_5380_sil_3	-	No
Operating System	rockwellautomation	compactlogix_5480_firmware	< 34.014	Yes
Operating System	rockwellautomation	compactlogix_5480_firmware	35.011	Yes
Hardware	rockwellautomation	compactlogix_5480	-	No

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201685.html Vendor Advisory ([email protected])