CVSS: 8.7EPSS: 0%CPEs: 4EXPL: 0CVE-2024-8626 – Logix Controllers Vulnerable to Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-8626
Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1706.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-40619 – Rockwell Automation GuardLogix/ControlLogix 5580 Controller denial-of-service Vulnerability via Malformed Packet Handling
https://notcve.org/view.php?id=CVE-2024-40619
CVE-2024-40619 IMPACT A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201690.html • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 8.7EPSS: 0%CPEs: 5EXPL: 0CVE-2024-7515 – Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Controller Denial-of-Service Vulnerability via Input Validation
https://notcve.org/view.php?id=CVE-2024-7515
CVE-2024-7515 IMPACT A denial-of-service vulnerability exists in the affected products. A malformed PTP management packet can cause a major nonrecoverable fault in the controller. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201686.html • CWE-20: Improper Input Validation •
CVSS: 8.7EPSS: 0%CPEs: 5EXPL: 0CVE-2024-7507 – Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Controller Denial-of-Service Vulnerability via Input Validation
https://notcve.org/view.php?id=CVE-2024-7507
CVE-2024-7507 IMPACT A denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received, causing a fault in the controller. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201685.html • CWE-20: Improper Input Validation •
CVSS: 8.3EPSS: 0%CPEs: 6EXPL: 0CVE-2024-5659 – Rockwell Automation Multicast Request Causes major nonrecoverable fault on Select Controllers
https://notcve.org/view.php?id=CVE-2024-5659
Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device would be compromised. Rockwell Automation fue informado de una vulnerabilidad que hace que todos los controladores afectados en la misma red produzcan una falla importante no recuperable (MNRF/Assert). Esta vulnerabilidad podría explotarse enviando paquetes anormales al puerto mDNS. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html • CWE-670: Always-Incorrect Control Flow Implementation •