{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2024-8626", "ASSIGNER": "PSIRT@rockwellautomation.com", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-400 Uncontrolled Resource Consumption", "cweId": "CWE-400" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "Rockwell Automation", "product": { "product_data": [ { "product_name": "CompactLogix 5380 controllers", "version": { "version_data": [ { "version_affected": "=", "version_value": "v33.011 <" } ] } }, { "product_name": "Compact GuardLogix\u00ae 5380 controllers", "version": { "version_data": [ { "version_affected": "=", "version_value": "v33.011<" } ] } }, { "product_name": "CompactLogix 5480 controllers", "version": { "version_data": [ { "version_affected": "=", "version_value": "v33.011<" } ] } }, { "product_name": "GuardLogix 5580 controllers", "version": { "version_data": [ { "version_affected": "=", "version_value": "v33.011<" } ] } }, { "product_name": "1756-EN4TR", "version": { "version_data": [ { "version_affected": "=", "version_value": "v3.002" } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1706.html", "refsource": "MISC", "name": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1706.html" } ] }, "generator": { "engine": "Vulnogram 0.2.0" }, "source": { "advisory": "SD1706", "discovery": "EXTERNAL" }, "solution": [ { "lang": "en", 
"supportingMedia": [ { "base64": false, "type": "text/html", "value": "
| | First Known in firmware Revision | Corrected in Firmware Revision |
| CompactLogix 5380 controllers | v33.011 < | |
| Compact GuardLogix\u00ae 5380 controllers | v33.011< | |
| CompactLogix 5480 controllers | v33.011< | |
| ControlLogix 5580 controllers | v33.011< | |
| GuardLogix 5580 controllers | v33.011< | |
| 1756-EN4TR | v3.002 | |
Mitigations and Workarounds
Customers using the affected versions are encouraged to upgrade to corrected firmware versions. We also strongly encourage customers to implement our suggested security best practices to minimize the risk of the vulnerability.
\n\n