CVE-2024-5659
8.3 High
CVSS4
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H/SA:H
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.0%
Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device would be compromised.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "ControlLogix® 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GuardLogix 5580",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "1756-EN4",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "4.001"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5380",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compact GuardLogix 5380",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CompactLogix 5480",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "34.011"
}
]
}
]Related
8.3 High
CVSS4
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H/SA:H
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.0%