Rockwell Automation ControlLogix, GuardLogix 5580, CompactLogix, Compact GuardLogix 5380

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix, GuardLogix 5580, CompactLogix, Compact GuardLogix 5380 Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of...

Rockwell Automation GuardLogix/ControlLogix 5580 Controller

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix 5580, GuardLogix 5580 Vulnerability : Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this...

PT-2024-5890 · Rockwell Automation · Controllogix/Guardlogix 5580 +1

Name of the Vulnerable Software and Affected Versions: Rockwell Automation ControlLogix/GuardLogix 5580 versions affected versions not specified Rockwell Automation CompactLogix/Compact GuardLogix 5380 versions affected versions not specified Description: The issue is related to errors in...

PT-2024-6590 · Rockwell Automation · Compactlogix +2

Name of the Vulnerable Software and Affected Versions: Rockwell Automation CompactLogix versions affected versions not specified Rockwell Automation ControlLogix versions affected versions not specified Rockwell Automation GuardLogix versions affected versions not specified Description: A...

Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access

A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol CIP programming and configuration commands. The flaw, which is assigned the CVE identifier CVE-2024-6242, carries a CVSS...

CVE-2024-6242

A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/...

CVE-2024-6242 Rockwell Automation Chassis Restrictions Bypass Vulnerability in Select Logix Devices

A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/...

CVE-2024-6242

CVE-2024-6242 – Rockwell Automation ControlLogix/Logix devices is a vulnerability that bypasses the Trusted Slot protection via an unprotected alternate channel in 1756 chassis. A threat actor could send CIP programming/configuration commands to modify user projects or device configuration on aff...

CVE-2024-6242 Rockwell Automation Chassis Restrictions Bypass Vulnerability in Select Logix Devices

A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/...

Rockwell Automation Logix Controllers

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix, GuardLogix, and 1756 ControlLogix I/O Modules Vulnerability : Unprotected Alternate Channel 2. RISK EVALUATION Successful exploitation of this...

Rockwell Automation ControlLogix 安全漏洞

Rockwell Automation ControlLogix is a controller from Rockwell Automation. A security vulnerability exists in Rockwell Automation ControlLogix that stems from a bypass issue where an attacker may be able to execute CIP commands to modify user items or device configurations on the controller...

Rockwell Automation ControlLogix, GuardLogix, and CompactLogix

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.3 ATTENTION : Low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix, GuardLogix, CompactLogix Vulnerability : Always-Incorrect Control Flow Implementation 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Rockwell Automation ControlLogix and GuardLogix Improper Input Validation (CVE-2024-3493)

A specific malformed fragmented packet type fragmented packets may be generated automatically by devices that send large amounts of data can cause a major nonrecoverable fault MNRF. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally...

CVE-2024-3493

CVE-2024-3493 affects Rockwell Automation ControlLogix 5580, GuardLogix 5580, CompactLogix 5380, and 1756-EN4TR. The root cause is improper input validation triggering a major nonrecoverable fault (MNRF) when a specific malformed fragmented packet is processed; exploitation can render the device ...

Rockwell Automation ControlLogix 5580, Guard Logix 5580, CompactLogix 5380和1756-EN4TR 安全漏洞

Rockwell Automation ControlLogix is a controller from Rockwell Automation USA. A security vulnerability exists in Rockwell Automation ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR, which stems from an invalid header value resulting in the presence of a security...

VulnCheck KEV: CVE-2023-3595

Where this vulnerability exists in the Rockwell Automation 1756 EN2 and 1756 EN3 ControlLogix communication products, it could allow a malicious user to perform remote code execution with persistence on the target system through maliciously crafted CIP messages. This includes the ability to...

Rockwell Automation ControlLogix and GuardLogix Denial of Service Vulnerability

Rockwell Automation ControlLogix and GuardLogix are both Rockwell Automation controllers. A denial of service vulnerability exists in Rockwell Automation ControlLogix and GuardLogix, which can be exploited by an attacker to cause a denial of service condition by sending a specially crafted reques...

CVE-2024-21916

A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault MNRF. The device will restart itself to recover from the MNRF...

Denial of service

A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault MNRF. The device will restart itself to recover from the MNRF...

CVE-2024-21916 Rockwell Automation Denial-of-service Vulnerability in ICE1 Controller

A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault MNRF. The device will restart itself to recover from the MNRF...