What is the severity of CVE-2024-7847?

CVE-2024-7847 has a severity rating that indicates a significant potential for impact on the affected systems.

How do I fix CVE-2024-7847?

To fix CVE-2024-7847, users should update to the latest versions of Rockwell Automation RSLogix 5 and RSLogix 500 as recommended by the vendor.

What products are affected by CVE-2024-7847?

CVE-2024-7847 affects Rockwell Automation RSLogix 5 and RSLogix 500 software products.

Who reported CVE-2024-7847?

CVE-2024-7847 was reported by Sharon Brizinov of Claroty Research - Team82.

Is there official documentation for CVE-2024-7847?

Yes, official documentation and details for CVE-2024-7847 can be found in the security advisory from Rockwell Automation.

Vulnerability/
CVE-2024-7847

high

8.8

CWE

345

14/10/2024

15/10/2024

CVE-2024-7847: RSLogix™ 5 and RSLogix 500® Remote Code Execution Via VBA Embedded Script

First published: Mon Oct 14 2024(Updated: )

VULNERABILITY DETAILS Rockwell Automation used the latest versions of the CVSS scoring system to assess the following vulnerabilities. The following vulnerabilities were reported to us by Sharon Brizinov of Claroty Research - Team82. A feature in the affected products enables users to prepare a project file with an embedded VBA script and can be configured to run once the project file has been opened without user intervention. This feature can be abused to trick a legitimate user into executing malicious code upon opening an infected RSP/RSS project file. If exploited, a threat actor may be able to perform a remote code execution. Connected devices may also be impacted by exploitation of this vulnerability.

Credit: PSIRT@rockwellautomation.com

Affected Software	Affected Version	How to fix
RSLogix
Rockwell Automation RSLogix 500 Standard Edition

Never miss a vulnerability like this again

Reference Links

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1701.html

Frequently Asked Questions

What is the severity of CVE-2024-7847?
CVE-2024-7847 has a severity rating that indicates a significant potential for impact on the affected systems.
How do I fix CVE-2024-7847?
To fix CVE-2024-7847, users should update to the latest versions of Rockwell Automation RSLogix 5 and RSLogix 500 as recommended by the vendor.
What products are affected by CVE-2024-7847?
CVE-2024-7847 affects Rockwell Automation RSLogix 5 and RSLogix 500 software products.
Who reported CVE-2024-7847?
CVE-2024-7847 was reported by Sharon Brizinov of Claroty Research - Team82.
Is there official documentation for CVE-2024-7847?
Yes, official documentation and details for CVE-2024-7847 can be found in the security advisory from Rockwell Automation.

agent/references
agent/weakness
agent/title
agent/type
agent/first-publish-date
agent/description
agent/severity
agent/author
agent/event
collector/nvd-api
source/NVD
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/rockwell automation
canonical/rslogix
canonical/rockwell automation rslogix 500 standard edition

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.