Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Rockwell Automation ControlLogix Flaw

September 12, 2024
Reading Time: 2 mins read
in Alerts

Rockwell Automation has identified a vulnerability in its ControlLogix, GuardLogix, CompactLogix, and Compact GuardLogix series controllers, as well as the 1756-EN4 module. The flaw, labeled CVE-2024-6077, stems from improper input validation, specifically when specially crafted packets are sent to the CIP security object. This vulnerability could lead to a denial-of-service (DoS) condition, making the affected device unavailable and requiring a factory reset to recover. The CVSS v4 score for this vulnerability is 8.7, indicating a high level of severity, though it is exploitable with low attack complexity.

The vulnerability impacts several versions of these controllers, including ControlLogix 5580, CompactLogix 5380, and CompactLogix 5480, with versions up to v32.011 being affected. When exploited, the flaw forces a device into a state of unavailability, requiring a factory reset for recovery. Rockwell Automation has provided updated versions, including v33.017 and later, that resolve this vulnerability. Users are urged to upgrade their systems to these versions to mitigate the risk of exploitation.

For users unable to perform upgrades, Rockwell Automation recommends disabling the CIP security feature or following other suggested security best practices to reduce the likelihood of exploitation. Additionally, CISA has issued guidance to minimize the risk of exploitation, advising that control systems be protected from internet exposure and placed behind firewalls. Secure methods of remote access, such as virtual private networks (VPNs), are also recommended, with the caveat that VPNs must be kept up to date and secure.

No known public exploitation of this vulnerability has been reported at the time of the advisory’s release. Rockwell Automation continues to offer mitigation strategies and urges affected users to follow the provided guidelines for securing their devices. CISA also encourages organizations to implement comprehensive cybersecurity strategies for the defense of critical infrastructure assets, with resources available to help with threat detection and response.

 

Reference:

  • Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix 5380

Tags: CISACompact GuardLogixCompactLogixControlLogixCyber AlertsCyber Alerts 2024Cyber threatsGuardLogixRockwell AutomationSeptember 2024Vulnerabilities
ADVERTISEMENT

Related Posts

VexTrio TDS Uses Adtech To Spread Malware

Simple Typo Breaks AI Safety Via TokenBreak

June 13, 2025
VexTrio TDS Uses Adtech To Spread Malware

VexTrio TDS Uses Adtech To Spread Malware

June 13, 2025
VexTrio TDS Uses Adtech To Spread Malware

Old Discord Links Now Lead To Malware

June 13, 2025
SmartAttack Uses Sound To Steal PC Data

SmartAttack Uses Sound To Steal PC Data

June 13, 2025
SmartAttack Uses Sound To Steal PC Data

Coordinated Brute Force Hits Tomcat Manager

June 13, 2025
SmartAttack Uses Sound To Steal PC Data

Pentest Tool TeamFiltration Hits Entra ID

June 12, 2025

Latest Alerts

Old Discord Links Now Lead To Malware

VexTrio TDS Uses Adtech To Spread Malware

Simple Typo Breaks AI Safety Via TokenBreak

Coordinated Brute Force Hits Tomcat Manager

SmartAttack Uses Sound To Steal PC Data

Pentest Tool TeamFiltration Hits Entra ID

Subscribe to our newsletter

    Latest Incidents

    Cyberattack On Brussels Parliament Continues

    Swedish Broadcaster SVT Hit By DDoS

    Major Google Cloud Outage Disrupts Web

    AI Spam Hijacks Official US Vaccine Site

    DragonForce Ransomware Hits Philly Schools

    Erie Insurance Cyberattack Halts Operations

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial