ICSA-24-284-20
·
Published 2024-10-10
·
View on CISA ICS-CERT ↗
Rockwell Automation ControlLogix
CVSS 7.5
HIGH
Risk Summary
Successful exploitation of this vulnerability could allow an attacker to send a specially crafted CIP message and cause a denial-of-service condition on the affected device.
CVEs (1)
Remediations
- Rockwell Automations recommends users update to V33.017, V34.014, V35.013, or V36.011.
- Additionally, Rockwell automation encourages customers to apply security best practices to minimize the risk of vulnerability.
- Security Best Practices
- For more information about this issue, please see the advisory on the Rockwell Automation security page.
Affected Vendors
Rockwell Automation
Affected Products (8)
Rockwell Automation
·
ControlLogix 5580
<V33.017_V34.014_V35.013_V36.011
Rockwell Automation
·
ControlLogix 5580 Process
<V33.017_V34.014_V35.013_V36.011
Rockwell Automation
·
GuardLogix 5580
<V33.017_V34.014_V35.013_V36.011
Rockwell Automation
·
CompactLogix 5380
<V33.017_V34.014_V35.013_V36.011
Rockwell Automation
·
Compact GuardLogix 5380 SIL 2
<V33.017_V34.014_V35.013_V36.011
Rockwell Automation
·
Compact GuardLogix 5380 SIL 3
<V33.017_V34.014_V35.013_V36.011
Rockwell Automation
·
CompactLogix 5480
<V33.017_V34.014_V35.013_V36.011
Rockwell Automation
·
FactoryTalk Logix Echo
<V33.017_V34.014_V35.013_V36.011
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more