CVE-2024-21916

A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault (MNRF). The device will restart itself to recover from the MNRF.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:rockwellautomation:controllogix_5570_controller_firmware:20.011:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:controllogix_5570_controller:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:rockwellautomation:guardlogix_5570_controller_firmware:20.011:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:guardlogix_5570_controller:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:rockwellautomation:controllogix_5570_redundant_controller_firmware:20.054_kit1:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:controllogix_5570_redundant_controller:-:*:*:*:*:*:*:*

History

08 Feb 2024, 01:34

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CWE CWE-119
First Time Rockwellautomation guardlogix 5570 Controller
Rockwellautomation
Rockwellautomation controllogix 5570 Controller Firmware
Rockwellautomation guardlogix 5570 Controller Firmware
Rockwellautomation controllogix 5570 Redundant Controller
Rockwellautomation controllogix 5570 Controller
Rockwellautomation controllogix 5570 Redundant Controller Firmware
CPE cpe:2.3:o:rockwellautomation:controllogix_5570_controller_firmware:20.011:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:guardlogix_5570_controller:-:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:controllogix_5570_controller:-:*:*:*:*:*:*:*
cpe:2.3:o:rockwellautomation:guardlogix_5570_controller_firmware:20.011:*:*:*:*:*:*:*
cpe:2.3:o:rockwellautomation:controllogix_5570_redundant_controller_firmware:20.054_kit1:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:controllogix_5570_redundant_controller:-:*:*:*:*:*:*:*
References () https://www.rockwellautomation.com/en-us/support/advisory.SD1661.html - () https://www.rockwellautomation.com/en-us/support/advisory.SD1661.html - Vendor Advisory

31 Jan 2024, 19:54

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-31 19:15

Updated : 2024-02-28 20:54


NVD link : CVE-2024-21916

Mitre link : CVE-2024-21916

CVE.ORG link : CVE-2024-21916


JSON object : View

Products Affected

rockwellautomation

  • guardlogix_5570_controller_firmware
  • controllogix_5570_controller
  • controllogix_5570_redundant_controller
  • controllogix_5570_controller_firmware
  • controllogix_5570_redundant_controller_firmware
  • guardlogix_5570_controller
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer