ICSA-24-226-03
·
Published 2024-08-13
·
View on CISA ICS-CERT ↗
Rockwell Automation GuardLogix/ControlLogix 5580 Controller
CVSS 7.5
HIGH
Risk Summary
Successful exploitation of this vulnerability could allow an attacker to perform a denial-of-service on the device.
CVEs (1)
Remediations
- Rockwell Automation has released product updates addressing this vulnerability:
- ControlLogix 5580: Update to v34.014 and later
- GuardLogix 5580: Update to v34.014 and later
- Customers using the affected software are encouraged to apply the risk mitigations, if possible.
- For information on how to mitigate Security Risks on industrial automation control systems, Rockwell Automation encourages customers to implement our suggested security best practices to minimize the risk of the vulnerability.
- Customers can use Stakeholder-Specific Vulnerability Categorization to generate more environment-specific prioritization.
Affected Vendors
Rockwell Automation
Affected Products (2)
Rockwell Automation
·
ControlLogix 5580
>=v34.011
Rockwell Automation
·
GuardLogix 5580
>=v34.011
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more