Vulnerability Description
A denial-of-service vulnerability exists in the affected Rockwell Automation products when specially crafted packets are sent to the CIP Security Object. If exploited, the device becomes unavailable and requires a factory reset to recover.
CVSS Score
7.5 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rockwell Automation | CompactLogix 5380 Firmware | 32.011 |
| Rockwell Automation | CompactLogix 5380 | - |
| Rockwell Automation | Compact GuardLogix 5380 SIL 2 Firmware | 32.013 |
| Rockwell Automation | Compact GuardLogix 5380 SIL 2 | - |
| Rockwell Automation | Compact GuardLogix 5380 SIL 3 Firmware | 32.011 |
| Rockwell Automation | Compact GuardLogix 5380 SIL 3 | - |
| Rockwell Automation | CompactLogix 5480 Firmware | 32.011 |
| Rockwell Automation | CompactLogix 5480 | - |
| Rockwell Automation | ControlLogix 5580 Firmware | 33.011 |
| Rockwell Automation | ControlLogix 5580 | - |
| Rockwell Automation | GuardLogix 5580 Firmware | 32.011 |
| Rockwell Automation | GuardLogix 5580 | - |
| Rockwell Automation | 1756-EN4 Firmware | 2.001 |
| Rockwell Automation | 1756-EN4 | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2024-6077?
CVE-2024-6077 is a vulnerability with a CVSS score of 7.5 (HIGH). A denial-of-service vulnerability exists in the affected Rockwell Automation products when specially crafted packets are sent to the CIP Security Object. If exploited, the device will become unavailabl...
How severe is CVE-2024-6077?
CVE-2024-6077 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2024-6077?
Check the references section above for vendor advisories and patch information. Affected products include: Rockwell Automation CompactLogix 5380 Firmware, Rockwell Automation CompactLogix 5380, Rockwell Automation Compact GuardLogix 5380 SIL 2 Firmware, Rockwell Automation Compact GuardLogix 5380 SIL 2, Rockwell Automation Compact GuardLogix 5380 SIL 3 Firmware.