First published: Thu Sep 12 2024
A denial-of-service vulnerability exists in the affected Rockwell Automation products when specially crafted packets are sent to the CIP Security Object. If exploited, the device will become unavailable and require a factory reset to recover.
Credit: PSIRT@rockwellautomation.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | | |
Rockwellautomation Compactlogix 5380 Firmware | =32.011 | |
Rockwellautomation Compactlogix 5380 | | |
All of | | |
Rockwellautomation Compact Guardlogix 5380 Sil 2 Firmware | =32.013 | |
Rockwellautomation Compact Guardlogix 5380 Sil 2 | | |
All of | | |
Rockwellautomation Compact Guardlogix 5380 Sil 3 Firmware | =32.011 | |
Rockwellautomation Compact Guardlogix 5380 Sil 3 | | |
All of | | |
Rockwellautomation Compactlogix 5480 Firmware | =32.011 | |
Rockwellautomation Compactlogix 5480 | | |
All of | | |
Rockwellautomation Controllogix 5580 Firmware | =33.011 | |
Rockwellautomation Controllogix 5580 | | |
All of | | |
Rockwellautomation Guardlogix 5580 Firmware | =32.011 | |
Rockwellautomation Guardlogix 5580 | | |
All of | | |
Rockwellautomation 1756-en4 Firmware | =2.001 | |
Rockwellautomation 1756-en4 | | |

Affected Family | First Known in Software/Firmware Version | Corrected in Software/Firmware Version |
---|---|---|
CompactLogix 5380 | v.32.011 | v33.017, v34.014, v35.013, v36.011 and later |
CompactLogix 5380 Process | v.33.011 | v33.017, v34.014, v35.013, v36.011 and later |
Compact GuardLogix 5380 SIL 2 | v.32.013 | v33.017, v34.014, v35.013, v36.011 and later |
Compact GuardLogix 5380 SIL 3 | v.32.011 | v33.017, v34.014, v35.013, v36.011 and later |
CompactLogix 5480 | v.32.011 | v33.017, v34.014, v35.013, v36.011 and later |
ControlLogix® 5580 | v.32.011 | v33.017, v34.014, v35.013, v36.011 and later |
ControlLogix® 5580 Process | v.33.011 | v33.017, v34.014, v35.013, v36.011 and later |
GuardLogix 5580 | v.32.011 | v33.017, v34.014, v35.013, v36.011 and later |
1756-EN4 | v2.001 | v6.001 and later |

Mitigations and Workarounds

Customers who are unable to upgrade to the corrected software versions are encouraged to apply the following risk mitigations.

* Users who do not wish to use CIP security can disable the feature per device. See "Disable CIP Security" in Chapter 2 of "CIP Security with Rockwell Automation Products" (publication SECURE-AT001).

For information on how to mitigate Security Risks on industrial automation control systems, we encourage customers to implement our suggested security best practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight to minimize the risk of the vulnerability.

Customers can use Stakeholder-Specific Vulnerability Categorization https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc to generate more environment-specific prioritization.
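
To triage an asset inventory against the "First Known" and "Corrected" versions listed above, the following Python is an added example, not part of the advisory or any Rockwell Automation tooling. It assumes a release is affected from the first known version up to the corrected build of its major version, and that a major version with no corrected build listed stays affected; the inventory rows and function names are constructed for illustration.

```python
# Added example: flag firmware versions that fall in the advisory's affected range.
# Assumption: a release is affected when it is at or above "First Known" and below
# the corrected build of its major version; a major version with no corrected
# build listed (such as v32) is treated as affected throughout.
LOGIX_FIXED = {33: 17, 34: 14, 35: 13, 36: 11}  # corrected build per major version
# family: (first known (major, minor), corrected build per major version)
ADVISORY = {
    "CompactLogix 5380": ((32, 11), LOGIX_FIXED),
    "CompactLogix 5380 Process": ((33, 11), LOGIX_FIXED),
    "Compact GuardLogix 5380 SIL 2": ((32, 13), LOGIX_FIXED),
    "Compact GuardLogix 5380 SIL 3": ((32, 11), LOGIX_FIXED),
    "CompactLogix 5480": ((32, 11), LOGIX_FIXED),
    "ControlLogix 5580": ((32, 11), LOGIX_FIXED),
    "ControlLogix 5580 Process": ((33, 11), LOGIX_FIXED),
    "GuardLogix 5580": ((32, 11), LOGIX_FIXED),
    "1756-EN4": ((2, 1), {6: 1}),
}

# Constructed sample inventory: (asset name, family, firmware version)
SAMPLE_INVENTORY = [
    ("plc-line1", "ControlLogix 5580", "v32.016"),
    ("plc-line2", "ControlLogix 5580", "v33.017"),
    ("plc-pack3", "CompactLogix 5380", "v34.011"),
    ("comm-rack4", "1756-EN4", "v5.001"),
    ("comm-rack5", "1756-EN4", "v6.001"),
]


def parse_version(text):
    """Turn 'v33.017', 'v.32.011' or '33.017' into (major, minor) integers."""
    major, minor = text.strip().lower().lstrip("v.").split(".")
    return int(major), int(minor)


def is_affected(family, version):
    first_known, fixed = ADVISORY[family]
    major, minor = parse_version(version)
    if (major, minor) < first_known:
        return False  # older than the first known affected release
    if major > max(fixed):
        return False  # covered by "and later"
    if major not in fixed:
        return True  # no corrected build listed for this major version
    return minor < fixed[major]


def triage(inventory):
    """Return the inventory rows whose firmware is in the affected range."""
    return [row for row in inventory if is_affected(row[1], row[2])]
```

Calling `triage(SAMPLE_INVENTORY)` returns the rows that still need an upgrade or the CIP Security workaround.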