ICSA-24-284-18
·
Published 2024-10-10
·
View on CISA ICS-CERT ↗
Rockwell Automation Logix Controllers
CVSS 8.6
HIGH
Risk Summary
Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service on the affected products.
CVEs (1)
Remediations
- Rockwell Automation offers users the following solutions:
- CompactLogix 5380: Update to v33.015 and later for versions 33. Update to v34.011 and later
- Compact GuardLogix 5380: Update to v33.015 and later for versions 33. Update to v34.011 and later
- CompactLogix 5480: Update to v33.015 and later for versions 33. Update to v34.011 and later
- ControlLogix 5580: Update to v33.015 and later for versions 33. Update to v34.011 and later
- GuardLogix 5580: Update to v33.015 and later for versions 33. Update to v34.011 and later
- 1756-EN4TR: Update to version 4.001 and later
- Customers using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.
- Security Best Practices
- For more information about this issue, please see the advisory on the Rockwell Automation security page.
Affected Vendors
Rockwell Automation
Affected Products (6)
Rockwell Automation
·
CompactLogix 5380
>v33.011|<v33.015
Rockwell Automation
·
Compact GuardLogix 5380
>v33.011|<v33.015
Rockwell Automation
·
CompactLogix 5480
>v33.011|<v33.015
Rockwell Automation
·
ControlLogix 5580
>v33.011|<v33.015
Rockwell Automation
·
GuardLogix 5580
>v33.011|<v33.015
Rockwell Automation
·
1756-EN4TR
v3.002
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more