Skip to main content

Controllogix 5580 Firmware

13 CVEs product

Monthly

CVE-2025-9166 HIGH This Month

A denial-of-service security issue exists in the affected product and version. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Controllogix 5580 Firmware
NVD
CVSS 4.0
8.2
EPSS
0.1%
CVE-2024-6207 HIGH This Week

CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Controllogix 5580 Firmware Controllogix 5580 Process Firmware Guardlogix 5580 Firmware Compactlogix 5380 Firmware +4
NVD
CVSS 4.0
8.7
EPSS
0.5%
CVE-2024-8626 HIGH This Week

Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Rockwell Denial Of Service Compactlogix 5380 Firmware Compact Guardlogix 5380 Firmware Compactlogix 5480 Firmware +3
NVD
CVSS 4.0
8.7
EPSS
0.5%
CVE-2024-6077 HIGH This Week

A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rockwell Compactlogix 5380 Firmware Compact Guardlogix 5380 Sil 2 Firmware Compact Guardlogix 5380 Sil 3 Firmware +4
NVD
CVSS 4.0
8.7
EPSS
0.6%
CVE-2024-7515 HIGH This Week

CVE-2024-7515 IMPACT A denial-of-service vulnerability exists in the affected products. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Compactlogix 5380 Firmware Controllogix 5580 Firmware Guardlogix 5580 Firmware Compact Guardlogix 5380 Sil 2 Firmware +2
NVD
CVSS 4.0
8.7
EPSS
0.5%
CVE-2024-7507 HIGH This Week

CVE-2024-7507 IMPACT A denial-of-service vulnerability exists in the affected products. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Compactlogix 5380 Firmware Controllogix 5580 Firmware Guardlogix 5580 Firmware Compact Guardlogix 5380 Sil 2 Firmware +2
NVD
CVSS 4.0
8.7
EPSS
0.5%
CVE-2024-40619 HIGH This Week

CVE-2024-40619 IMPACT A denial-of-service vulnerability exists in the affected products. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Controllogix 5580 Firmware Guardlogix 5580 Firmware
NVD
CVSS 4.0
8.7
EPSS
0.6%
CVE-2024-5659 HIGH This Week

Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rockwell Controllogix 5580 Firmware Guardlogix 5580 Firmware 1756 En4 Firmware +3
NVD
CVSS 4.0
8.3
EPSS
0.3%
CVE-2024-3493 HIGH This Week

A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rockwell Controllogix 5580 Firmware Guardlogix 5580 Firmware Compactlogix 5380 Firmware +5
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-1797 HIGH This Week

A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Rockwell Compactlogix 5380 Firmware Compact Guardlogix 5380 Firmware Compactlogix 5480 Firmware +6
NVD
CVSS 3.1
8.6
EPSS
1.9%
CVE-2022-1161 CRITICAL Act Now

An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Compactlogix 1768 L43 Firmware Compactlogix 1768 L45 Firmware Compactlogix 1769 L31 Firmware Compactlogix 1769 L32C Firmware +20
NVD
CVSS 3.1
9.8
EPSS
5.0%
CVE-2022-1159 HIGH This Week

Rockwell Automation Studio 5000 Logix Designer (all versions) are vulnerable when an attacker who achieves administrator access on a workstation running Studio 5000 Logix Designer could inject. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Rockwell RCE Code Injection Controllogix 5580 Firmware Guardlogix 5580 Firmware +3
NVD
CVSS 3.1
7.2
EPSS
3.4%
CVE-2017-6024 MEDIUM This Month

A Resource Exhaustion issue was discovered in Rockwell Automation ControlLogix 5580 controllers V28.011, V28.012, and V28.013; ControlLogix 5580 controllers V29.011; CompactLogix 5380 controllers. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Rockwell Compactlogix 5380 Firmware Controllogix 5580 Firmware
NVD
CVSS 3.1
5.9
EPSS
0.0%
EPSS 0% CVSS 8.2
HIGH This Month

A denial-of-service security issue exists in the affected product and version. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Controllogix 5580 Firmware
NVD
EPSS 1% CVSS 8.7
HIGH This Week

CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Controllogix 5580 Firmware Controllogix 5580 Process Firmware +6
NVD
EPSS 0% CVSS 8.7
HIGH This Week

Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Rockwell Denial Of Service Compactlogix 5380 Firmware +5
NVD
EPSS 1% CVSS 8.7
HIGH This Week

A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rockwell Compactlogix 5380 Firmware +6
NVD
EPSS 1% CVSS 8.7
HIGH This Week

CVE-2024-7515 IMPACT A denial-of-service vulnerability exists in the affected products. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Compactlogix 5380 Firmware Controllogix 5580 Firmware +4
NVD
EPSS 0% CVSS 8.7
HIGH This Week

CVE-2024-7507 IMPACT A denial-of-service vulnerability exists in the affected products. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Compactlogix 5380 Firmware Controllogix 5580 Firmware +4
NVD
EPSS 1% CVSS 8.7
HIGH This Week

CVE-2024-40619 IMPACT A denial-of-service vulnerability exists in the affected products. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Controllogix 5580 Firmware Guardlogix 5580 Firmware
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rockwell Controllogix 5580 Firmware +5
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices that send large amounts of data) can cause a major nonrecoverable fault (MNRF) Rockwell. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rockwell Controllogix 5580 Firmware +7
NVD
EPSS 2% CVSS 8.6
HIGH This Week

A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Rockwell Compactlogix 5380 Firmware +8
NVD
EPSS 5% CVSS 9.8
CRITICAL Act Now

An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Compactlogix 1768 L43 Firmware Compactlogix 1768 L45 Firmware +22
NVD
EPSS 3% CVSS 7.2
HIGH This Week

Rockwell Automation Studio 5000 Logix Designer (all versions) are vulnerable when an attacker who achieves administrator access on a workstation running Studio 5000 Logix Designer could inject. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Rockwell RCE Code Injection +5
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

A Resource Exhaustion issue was discovered in Rockwell Automation ControlLogix 5580 controllers V28.011, V28.012, and V28.013; ControlLogix 5580 controllers V29.011; CompactLogix 5380 controllers. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Rockwell Compactlogix 5380 Firmware +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy