CVE-2024-6207: Input Validation
First published: Mon Oct 14 2024(Updated: )
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running.
Credit: PSIRT@rockwellautomation.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| Rockwell Automation ControlLogix 5580 Firmware | >=28.011<33.017 | |
| Rockwell Automation ControlLogix 5580 Firmware | >=34.011<34.014 | |
| Rockwell Automation ControlLogix 5580 Firmware | >=35.011<35.013 | |
| Rockwell Automation ControlLogix 5580 Firmware | ||
| All of | ||
| Any of | ||
| Rockwell Automation ControlLogix 5580 Firmware | >=33.011<33.017 | |
| Rockwell Automation ControlLogix 5580 Firmware | >=34.011<34.014 | |
| Rockwell Automation ControlLogix 5580 Firmware | >=35.011<35.013 | |
| Rockwell Automation ControlLogix 5580 Process | ||
| All of | ||
| Any of | ||
| Rockwell Automation GuardLogix 5580 Firmware | >=31.011<33.017 | |
| Rockwell Automation GuardLogix 5580 Firmware | >=34.011<34.014 | |
| Rockwell Automation GuardLogix 5580 Firmware | >=35.011<35.013 | |
| Rockwell Automation GuardLogix 5580 | ||
| All of | ||
| Any of | ||
| Rockwell Automation CompactLogix 5380 Firmware | >=28.011<33.017 | |
| Rockwell Automation CompactLogix 5380 Firmware | >=34.011<34.014 | |
| Rockwell Automation CompactLogix 5380 Firmware | >=35.011<35.013 | |
| Rockwell Automation CompactLogix 5380 Firmware | ||
| All of | ||
| Any of | ||
| rockwellautomation Compact GuardLogix 5380 sil 2 | >=31.011<33.017 | |
| rockwellautomation Compact GuardLogix 5380 sil 2 | >=34.011<34.014 | |
| rockwellautomation Compact GuardLogix 5380 sil 2 | >=35.011<35.013 | |
| Rockwell Automation Compact GuardLogix 5380 SIL 2 | ||
| All of | ||
| Any of | ||
| Rockwell Automation Compact GuardLogix 5380 SIL 3 Firmware | >=32.013<33.017 | |
| Rockwell Automation Compact GuardLogix 5380 SIL 3 Firmware | >=34.011<34.014 | |
| Rockwell Automation Compact GuardLogix 5380 SIL 3 Firmware | >=35.011<35.013 | |
| Rockwell Automation Compact GuardLogix 5380 SIL 3 | ||
| All of | ||
| Any of | ||
| Rockwell Automation CompactLogix 5480 Firmware | >=32.011<33.017 | |
| Rockwell Automation CompactLogix 5480 Firmware | >=34.011<34.014 | |
| Rockwell Automation CompactLogix 5480 Firmware | >=35.011<35.013 | |
| Rockwell Automation CompactLogix 5480 | ||
| All of | ||
| Any of | ||
| Rockwell Automation FactoryTalk Logix Echo Firmware | >=33.011<34.014 | |
| Rockwell Automation FactoryTalk Logix Echo Firmware | >=35.011<35.013 | |
| Rockwell Automation FactoryTalk Logix Echo |
Remedy
AFFECTED PRODUCTS AND SOLUTION Affected Product First Known in firmware revisionCorrected in firmware revisionControlLogix® 5580V28.011V33.017, V34.014, V35.013, V36.011 and laterControlLogix® 5580 ProcessV33.011V33.017, V34.014, V35.013, V36.011 and laterGuardLogix 5580V31.011 V33.017, V34.014, V35.013, V36.011 and laterCompactLogix 5380V28.011 V33.017, V34.014, V35.013, V36.011 and laterCompact GuardLogix 5380 SIL 2V31.011V33.017, V34.014, V35.013, V36.011 and laterCompact GuardLogix 5380 SIL 3V32.013V33.017, V34.014, V35.013, V36.011 and laterCompactLogix 5480V32.011V33.017, V34.014, V35.013, V36.011 and laterFactoryTalk® Logix Echo V33.011V34.014, V35.013, V36.011 and later
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-6207?
CVE-2024-6207 is classified as a critical vulnerability that allows a threat actor to disrupt access to connected devices.
How do I fix CVE-2024-6207?
To remediate CVE-2024-6207, update the affected Rockwell Automation ControlLogix firmware to the latest versions listed in the advisory.
What software is affected by CVE-2024-6207?
CVE-2024-6207 affects various versions of Rockwell Automation ControlLogix, GuardLogix, CompactLogix, and related firmware.
What could happen if CVE-2024-6207 is exploited?
Exploitation of CVE-2024-6207 may allow an attacker to prevent legitimate user access and terminate connections to affected devices.
Is there a workaround for CVE-2024-6207?
Currently, there are no public workarounds for CVE-2024-6207; updating the firmware is the recommended action.
- agent/remedy
- agent/type
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/description
- agent/author
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/rockwellautomation
- canonical/rockwell automation controllogix 5580 firmware
- version/rockwell automation controllogix 5580 firmware/28.011
- version/rockwell automation controllogix 5580 firmware/34.011
- version/rockwell automation controllogix 5580 firmware/35.011
- version/rockwell automation controllogix 5580 firmware/33.011
- canonical/rockwell automation controllogix 5580 process
- canonical/rockwell automation guardlogix 5580 firmware
- version/rockwell automation guardlogix 5580 firmware/31.011
- version/rockwell automation guardlogix 5580 firmware/34.011
- version/rockwell automation guardlogix 5580 firmware/35.011
- canonical/rockwell automation guardlogix 5580
- canonical/rockwell automation compactlogix 5380 firmware
- version/rockwell automation compactlogix 5380 firmware/28.011
- version/rockwell automation compactlogix 5380 firmware/34.011
- version/rockwell automation compactlogix 5380 firmware/35.011
- canonical/rockwellautomation compact guardlogix 5380 sil 2
- version/rockwellautomation compact guardlogix 5380 sil 2/31.011
- version/rockwellautomation compact guardlogix 5380 sil 2/34.011
- version/rockwellautomation compact guardlogix 5380 sil 2/35.011
- canonical/rockwell automation compact guardlogix 5380 sil 2
- canonical/rockwell automation compact guardlogix 5380 sil 3 firmware
- version/rockwell automation compact guardlogix 5380 sil 3 firmware/32.013
- version/rockwell automation compact guardlogix 5380 sil 3 firmware/34.011
- version/rockwell automation compact guardlogix 5380 sil 3 firmware/35.011
- canonical/rockwell automation compact guardlogix 5380 sil 3
- canonical/rockwell automation compactlogix 5480 firmware
- version/rockwell automation compactlogix 5480 firmware/32.011
- version/rockwell automation compactlogix 5480 firmware/34.011
- version/rockwell automation compactlogix 5480 firmware/35.011
- canonical/rockwell automation compactlogix 5480
- canonical/rockwell automation factorytalk logix echo firmware
- version/rockwell automation factorytalk logix echo firmware/33.011
- version/rockwell automation factorytalk logix echo firmware/35.011
- canonical/rockwell automation factorytalk logix echo