Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRockwellCVELIST:CVE-2024-6077
HistorySep 12, 2024 - 7:59 p.m.

CVE-2024-6077 Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Vulnerable to DoS vulnerability via CIP

2024-09-1219:59:40
CWE-20
Rockwell
www.cve.org
5
rockwell automation
controllogix
guardlogix
compactlogix
compact guardlogix
dos
cip
vulnerability
factory reset

CVSS4

8.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H/SA:N

EPSS

0

Percentile

9.6%

JSON

A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "CompactLogix 5380",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "status": "affected",
        "version": "v.32 .011"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CompactLogix 5380 Process",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "status": "affected",
        "version": "v.33.011"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Compact GuardLogix 5380 SIL 2",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "status": "affected",
        "version": "v.32.013"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Compact GuardLogix 5380 SIL 3",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "status": "affected",
        "version": "v.32.011"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "CompactLogix 5480",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "status": "affected",
        "version": "v.32.011"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ControlLogix® 5580",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "status": "affected",
        "version": "v.32.011"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ControlLogix® 5580 Process",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "status": "affected",
        "version": "v.33.011"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "GuardLogix 5580",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "status": "affected",
        "version": "v.32.011"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "1756-EN4",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "status": "affected",
        "version": "v2.001"
      }
    ]
  }
]

Related

vulnrichment 1
cve 1
ics 1
nvd 1
vulnrichment
vulnrichment
CVE-2024-6077 Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Vulnerable to DoS vulnerability via CIP
2024-09-12 19:59:40
cve
cve
CVE-2024-6077
2024-09-12 20:15:05
ics
ics
Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix 5380
2024-09-12 12:00:00
nvd
nvd
CVE-2024-6077
2024-09-12 20:15:05

CVSS4

8.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H/SA:N

EPSS

0

Percentile

9.6%

JSON
Related for CVELIST:CVE-2024-6077
vulnrichment1cve1ics1nvd1