{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-3493","assignerOrgId":"b73dd486-f505-4403-b634-40b078b177f0","state":"PUBLISHED","assignerShortName":"Rockwell","dateReserved":"2024-04-08T21:46:38.867Z","datePublished":"2024-04-15T21:17:36.077Z","dateUpdated":"2024-08-12T15:16:08.155Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"ControlLogix 5580","vendor":"Rockwell Automation","versions":[{"status":"affected","version":"v35.011"}]},{"defaultStatus":"unaffected","product":"GuardLogix 5580","vendor":"Rockwell Automation","versions":[{"status":"affected","version":"v35.011"}]},{"defaultStatus":"unaffected","product":"CompactLogix 5380","vendor":"Rockwell Automation","versions":[{"status":"affected","version":"v5.001"}]},{"defaultStatus":"unaffected","product":"1756-EN4TR","vendor":"Rockwell Automation","versions":[{"status":"affected","version":"v5.001"}]}],"datePublic":"2024-04-12T01:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"\n\n<span style=\"background-color: rgb(255, 255, 255);\">A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) in Rockwell Automation's ControlLogix 5580, GuardLogix&nbsp;5580,&nbsp;CompactLogix 5380,&nbsp;and 1756-EN4TR. If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices. </span>\n\n"}],"value":"\nA specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) in Rockwell Automation's ControlLogix 5580, GuardLogix 5580, CompactLogix 5380, and 1756-EN4TR. 
If exploited, the affected product will become unavailable and require a manual restart to recover it. Additionally, an MNRF could result in a loss of view and/or control of connected devices. \n\n"}],"impacts":[{"capecId":"CAPEC-137","descriptions":[{"lang":"en","value":"CAPEC-137 Parameter Injection"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8.6,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"CWE-20 Improper Input Validation","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"b73dd486-f505-4403-b634-40b078b177f0","shortName":"Rockwell","dateUpdated":"2024-04-15T21:29:33.269Z"},"references":[{"url":"https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"\n\n<p>\n\n</p><table><tbody><tr><td><p><br>Affected Product</p><p>&nbsp;</p><p>&nbsp;</p></td><td><p>&nbsp;</p><p>&nbsp;</p><p>First Known in Firmware Revision</p><p>&nbsp;</p><p>&nbsp;</p></td><td><p>&nbsp;</p><p>&nbsp;</p><p>Corrected in Firmware Revision</p><p>&nbsp;</p><p>&nbsp;</p></td></tr><tr><td><p>&nbsp;</p><p>&nbsp;</p><p>ControlLogix® 5580</p><p>&nbsp;</p><p>&nbsp;</p></td><td><p>&nbsp;</p><p>&nbsp;</p><p>V35.011</p><p>&nbsp;</p><p>&nbsp;</p></td><td><p>&nbsp;</p><p>&nbsp;</p><p>V35.013, V36.011</p><p>&nbsp;</p><p>&nbsp;</p></td></tr><tr><td><p>&nbsp;</p><p>&nbsp;</p><p>GuardLogix 5580</p><p>&nbsp;</p><p>&nbsp;</p></td><td><p>&nbsp;</p><p>&nbsp;</p><p>V35.011</p><p>&nbsp;</p><p>&nbsp;</p></td><td><p>&nbsp;</p><p>&nbsp;</p><p>V35.013, 
V36.011</p><p>&nbsp;</p><p>&nbsp;</p></td></tr><tr><td><p>&nbsp;</p><p>&nbsp;</p><p>CompactLogix 5380</p><p>&nbsp;</p><p>&nbsp;</p></td><td><p>&nbsp;</p><p>&nbsp;</p><p>V35.011</p><p>&nbsp;</p><p>&nbsp;</p></td><td><p>&nbsp;</p><p>&nbsp;</p><p>V35.013, V36.011</p><p>&nbsp;</p><p>&nbsp;</p></td></tr><tr><td><p>&nbsp;</p><p>&nbsp;</p><p>1756-EN4TR</p><p>&nbsp;</p><p>&nbsp;</p></td><td><p>&nbsp;</p><p>&nbsp;</p><p>V5.001</p><p>&nbsp;</p><p>&nbsp;</p></td><td><p>&nbsp;</p><p>&nbsp;</p><p>V6.001</p><p>&nbsp;</p><p>&nbsp;</p></td></tr></tbody></table>\n\n<br><br><p></p><p>Users of the affected software who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.  </p><ul><li><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a>&nbsp;</p></li></ul>\n\n<br>"}],"value":"\nAffected Product | First Known in Firmware Revision | Corrected in Firmware Revision\nControlLogix® 5580 | V35.011 | V35.013, V36.011\nGuardLogix 5580 | V35.011 | V35.013, V36.011\nCompactLogix 5380 | V35.011 | V35.013, V36.011\n1756-EN4TR | V5.001 | V6.001\n\nUsers of the affected software who are not able to upgrade to one of the corrected versions are encouraged to apply security best practices, where possible.  
\n\n  *   Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight  \n\n"}],"source":{"discovery":"INTERNAL"},"title":"Rockwell Automation ControlLogix and GuardLogix Vulnerable to Major Nonrecoverable Fault Due to Invalid Header Value","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T20:12:07.675Z"},"title":"CVE Program Container","references":[{"url":"https://www.rockwellautomation.com/en-us/support/advisory.SD1666.html","tags":["x_transferred"]}]},{"affected":[{"vendor":"rockwellautomation","product":"guardlogix_5580_firmware","cpes":["cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:35.011:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"35.011","status":"affected"}]},{"vendor":"rockwellautomation","product":"compactlogix_5380_firmware","cpes":["cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:5.001:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"35.011","status":"affected"}]},{"vendor":"rockwellautomation","product":"1756-en4tr_firmware","cpes":["cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:5.001:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"5.001","status":"affected"}]},{"vendor":"rockwellautomation","product":"1756-en4tr_firmware","cpes":["cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:5.001:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"5.001","status":"affected"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-08-12T15:09:28.736089Z","id":"CVE-2024-3493","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-08-12T15:16:08.155Z"}}]}}