Rockwell
CVE-2024-6242
HIGH
Severity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (rockwellautomation) · only source for this CVE.
CVSS VectorVendor: rockwellautomation
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device configuration on a Logix controller in the chassis.
AnalysisAI
A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-420. A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device configuration on a Logix controller in the chassis.
Affected ProductsAI
Rockwell Automation affected products that.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
In all versions of FactoryTalk View SEA remote, an authenticated attacker may be able to utilize certain handlers to int
All versions of FactoryTalk View SE do not properly validate input of filenames within a project directory. Rated high s
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability. Rated critical
In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer.
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. Rated critical severity (CVSS 9.8), this vulnerability is
An Improper Input Validation issue was discovered in Rockwell Automation MicroLogix 1100 controllers 1763-L16BWA, 1763-L
Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32B
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, Due to imprope
The device does not properly authenticate users and the potential exists for a remote user to upload a new firmware imag
An issue was discovered in Rockwell Automation Allen-Bradley PowerMonitor 1000. Rated high severity (CVSS 8.1), this vul
In affected versions, path traversal exists when processing a message of type 8 in Rockwell Automation's ThinManager Thi
An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Br
Same weakness CWE-420 – Unprotected Alternate Channel
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today