CVE-2024-6207

Published: Oct 14, 2024Modified: Oct 21, 2024

8.7

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: PSIRT@rockwellautomation.com (Secondary)

Description

CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running.

Affected (23)

Products: Rockwellautomation: Controllogix 5580 Firmware, Controllogix 5580 Process Firmware, Guardlogix 5580 Firmware, Compactlogix 5380 Firmware, Compact Guardlogix 5380 Sil 2 Firmware, Compact Guardlogix 5380 Sil 3 Firmware, Compactlogix 5480 Firmware, Factorytalk Logix Echo Firmware

Rockwellautomation

8 products

Controllogix 5580 Firmware

Controllogix 5580 Process Firmware

Guardlogix 5580 Firmware

Compactlogix 5380 Firmware

Compact Guardlogix 5380 Sil 2 Firmware

Compact Guardlogix 5380 Sil 3 Firmware

Compactlogix 5480 Firmware

Factorytalk Logix Echo Firmware

Configuration A

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Rockwellautomation Controllogix 5580 Firmware	From 28.011 to 33.017
Rockwellautomation Controllogix 5580 Firmware	From 34.011 to 34.014
Rockwellautomation Controllogix 5580 Firmware	From 35.011 to 35.013

Running on/with	Platform Versions
Rockwellautomation Controllogix 5580	All versions

Configuration B

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Rockwellautomation Controllogix 5580 Process Firmware	From 33.011 to 33.017
Rockwellautomation Controllogix 5580 Process Firmware	From 34.011 to 34.014
Rockwellautomation Controllogix 5580 Process Firmware	From 35.011 to 35.013

Running on/with	Platform Versions
Rockwellautomation Controllogix 5580 Process	All versions

Configuration C

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Rockwellautomation Guardlogix 5580 Firmware	From 31.011 to 33.017
Rockwellautomation Guardlogix 5580 Firmware	From 34.011 to 34.014
Rockwellautomation Guardlogix 5580 Firmware	From 35.011 to 35.013

Running on/with	Platform Versions
Rockwellautomation Guardlogix 5580	All versions

Configuration D

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Rockwellautomation Compactlogix 5380 Firmware	From 28.011 to 33.017
Rockwellautomation Compactlogix 5380 Firmware	From 34.011 to 34.014
Rockwellautomation Compactlogix 5380 Firmware	From 35.011 to 35.013

Running on/with	Platform Versions
Rockwellautomation Compactlogix 5380	All versions

Configuration E

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Rockwellautomation Compact Guardlogix 5380 Sil 2 Firmware	From 31.011 to 33.017
Rockwellautomation Compact Guardlogix 5380 Sil 2 Firmware	From 34.011 to 34.014
Rockwellautomation Compact Guardlogix 5380 Sil 2 Firmware	From 35.011 to 35.013

Running on/with	Platform Versions
Rockwellautomation Compact Guardlogix 5380 Sil 2	All versions

Configuration F

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Rockwellautomation Compact Guardlogix 5380 Sil 3 Firmware	From 32.013 to 33.017
Rockwellautomation Compact Guardlogix 5380 Sil 3 Firmware	From 34.011 to 34.014
Rockwellautomation Compact Guardlogix 5380 Sil 3 Firmware	From 35.011 to 35.013

Running on/with	Platform Versions
Rockwellautomation Compact Guardlogix 5380 Sil 3	All versions

Configuration G

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Rockwellautomation Compactlogix 5480 Firmware	From 32.011 to 33.017
Rockwellautomation Compactlogix 5480 Firmware	From 34.011 to 34.014
Rockwellautomation Compactlogix 5480 Firmware	From 35.011 to 35.013

Running on/with	Platform Versions
Rockwellautomation Compactlogix 5480	All versions

Configuration H

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Rockwellautomation Factorytalk Logix Echo Firmware	From 33.011 to 34.014
Rockwellautomation Factorytalk Logix Echo Firmware	From 35.011 to 35.013

Running on/with	Platform Versions
Rockwellautomation Factorytalk Logix Echo	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (1)

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1707.html

Source: PSIRT@rockwellautomation.com

Vendor Advisory

Timeline

No history available yet.