Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Rockwell Automation ControlLogix Flaw

September 12, 2024
Reading Time: 2 mins read
in Alerts

Rockwell Automation has identified a vulnerability in its ControlLogix, GuardLogix, CompactLogix, and Compact GuardLogix series controllers, as well as the 1756-EN4 module. The flaw, labeled CVE-2024-6077, stems from improper input validation, specifically when specially crafted packets are sent to the CIP security object. This vulnerability could lead to a denial-of-service (DoS) condition, making the affected device unavailable and requiring a factory reset to recover. The CVSS v4 score for this vulnerability is 8.7, indicating a high level of severity, though it is exploitable with low attack complexity.

The vulnerability impacts several versions of these controllers, including ControlLogix 5580, CompactLogix 5380, and CompactLogix 5480, with versions up to v32.011 being affected. When exploited, the flaw forces a device into a state of unavailability, requiring a factory reset for recovery. Rockwell Automation has provided updated versions, including v33.017 and later, that resolve this vulnerability. Users are urged to upgrade their systems to these versions to mitigate the risk of exploitation.

For users unable to perform upgrades, Rockwell Automation recommends disabling the CIP security feature or following other suggested security best practices to reduce the likelihood of exploitation. Additionally, CISA has issued guidance to minimize the risk of exploitation, advising that control systems be protected from internet exposure and placed behind firewalls. Secure methods of remote access, such as virtual private networks (VPNs), are also recommended, with the caveat that VPNs must be kept up to date and secure.

No known public exploitation of this vulnerability has been reported at the time of the advisory’s release. Rockwell Automation continues to offer mitigation strategies and urges affected users to follow the provided guidelines for securing their devices. CISA also encourages organizations to implement comprehensive cybersecurity strategies for the defense of critical infrastructure assets, with resources available to help with threat detection and response.

 

Reference:

  • Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix 5380

Tags: CISACompact GuardLogixCompactLogixControlLogixCyber AlertsCyber Alerts 2024Cyber threatsGuardLogixRockwell AutomationSeptember 2024Vulnerabilities
ADVERTISEMENT

Related Posts

Fake PyPI Login Site Steals Credentials

Fake PyPI Login Site Steals Credentials

September 26, 2025
Fake PyPI Login Site Steals Credentials

Google Warns of BRICKSTORM Malware

September 26, 2025
Fake PyPI Login Site Steals Credentials

Hidden WordPress Backdoors Create Admins

September 26, 2025
BadIIS Malware Spreads Via SEO Poisoning

Hackers Target AWS and Steal Credentials

September 24, 2025
BadIIS Malware Spreads Via SEO Poisoning

SonicWall SMA100 Update Removes Rootkit

September 24, 2025
BadIIS Malware Spreads Via SEO Poisoning

BadIIS Malware Spreads Via SEO Poisoning

September 24, 2025

Latest Alerts

Fake PyPI Login Site Steals Credentials

Google Warns of BRICKSTORM Malware

Hidden WordPress Backdoors Create Admins

Hackers Target AWS and Steal Credentials

SonicWall SMA100 Update Removes Rootkit

BadIIS Malware Spreads Via SEO Poisoning

Subscribe to our newsletter

    Latest Incidents

    Indian Bank Transfer Records Exposed

    Chinese Cyberspies Hit US Defense Firms

    Neon App Shuts Down After Data Leak

    Boyd Gaming Reports Data Breach After Attack

    Morrisroe UK Company Hit By Cyber Attack

    GeoServer Flaw Breaches US Agency Network

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial