ICSA-24-030-05
·
Published 2024-01-30
·
View on CISA ICS-CERT ↗
Rockwell Automation ControlLogix and GuardLogix
CVSS 8.6
HIGH
Risk Summary
Successful exploitation of this vulnerability could allow an attacker to crash the device by exploiting a Denial-of-Service (DoS) vulnerability.
CVEs (1)
Remediations
- Rockwell Automation users with the affected software are encouraged to apply the risk mitigations, if possible. Additionally, Rockwell Automation encourages users to implement their suggested security best practices to minimize the risk of vulnerability.
- ControlLogix 5570: Corrected in v33.016, 34.013, 35.012, 36.011 and later
- ControlLogix 5570 redundant: Corrected in v33.053_kit1, 34.052_kit1, 35.052_kit1, 36.051_kit1 and later
- GuardLogix 5570: Corrected in v33.016, 34.013, 35.012, 36.011 and later
- For more information, see Rockwell Automation's security advisory.
Affected Vendors
Rockwell Automation
Affected Products (3)
Rockwell Automation
·
ControlLogix 5570
Firmware__20.011
Rockwell Automation
·
ControlLogix 5570 redundant
Firmware__20.054_kit1
Rockwell Automation
·
GuardLogix 5570
Firmware__20.011
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more