Controllogix 5580 Firmware Security Vulnerabilities and Issues — Controllogix 5580 Firmware CVE List

Lucene search

RockwellautomationControllogix 5580 Firmware

9 matches found

CVE•added 2022/06/02 2:15 p.m.•71 views

CVE-2022-1797

A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload ...

8.6CVSS7.4AI score0.00029EPSS

CVE•added 2024/10/14 9:15 p.m.•56 views

CVE-2024-6207

CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the ...

8.7CVSS7.2AI score0.00193EPSS

CVE•added 2024/08/14 8:15 p.m.•54 views

CVE-2024-7515

CVE-2024-7515 IMPACT A denial-of-service vulnerability exists in the affected products. A malformed PTP management packet can cause a major nonrecoverable fault in the controller.

8.7CVSS6.5AI score0.00147EPSS

CVE•added 2024/04/15 10:15 p.m.•51 views

CVE-2024-3493

A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell Automation's ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR. If exploited, the af...

8.6CVSS6.7AI score0.00064EPSS

CVE•added 2024/09/12 8:15 p.m.•49 views

CVE-2024-6077

A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailable and require a factory reset to recover.

8.7CVSS7.4AI score0.00078EPSS

CVE•added 2024/08/14 8:15 p.m.•47 views

CVE-2024-40619

CVE-2024-40619 IMPACT A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service.

8.7CVSS6.5AI score0.00147EPSS

CVE•added 2024/06/14 5:15 p.m.•45 views

CVE-2024-5659

Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device wou...

8.3CVSS6.8AI score0.00044EPSS

CVE•added 2024/08/14 8:15 p.m.•40 views

CVE-2024-7507

CVE-2024-7507 IMPACT A denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received, causing a fault in the controller.

8.7CVSS6.5AI score0.00112EPSS

CVE•added 2024/10/08 5:15 p.m.•37 views

CVE-2024-8626

Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a ...

8.7CVSS6.4AI score0.00112EPSS