CVE-2024-6242
Rockwell Automation Chassis Restrictions Bypass Vulnerability in Select Logix Devices
A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device configuration on a Logix controller in the chassis.
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H
Produtos afetados
Rockwell Automation · 1756-EN2FRockwell Automation · 1756-EN2TRockwell Automation · 1756-EN2TPRockwell Automation · 1756-EN2TRRockwell Automation · 1756-EN3TRRockwell Automation · 1756-EN4TRRockwell Automation · ControlLogix® 5580 (1756-L8z)Rockwell Automation · GuardLogix® 5580 (1756-L8zS)Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →