Detections
Analytics

Rockwell ControlLogix Uncontrolled Resource Consumption (CVE-2024-8626)

high Tenable OT Security Plugin ID 502654

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Due to a memory leak, a denial-of-service vulnerability exists in the affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain webpages of the product causing the affected products to become fully unavailable and require a power cycle to recover.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Rockwell Automation offers users the following solutions:

 CompactLogix 5380: Update to v33.015 and later for versions 33. Update to v34.011 and later Compact GuardLogix 5380: Update to v33.015 and later for versions 33. Update to v34.011 and later CompactLogix 5480: Update to v33.015 and later for versions 33. Update to v34.011 and later ControlLogix 5580: Update to v33.015 and later for versions 33. Update to v34.011 and later GuardLogix 5580: Update to v33.015 and later for versions 33. Update to v34.011 and later 1756-EN4TR: Update to version 4.001 and later

Users with the affected software are encouraged to apply the risk mitigations, if possible..

See Also

http://www.nessus.org/u?43fc79e9

https://www.cisa.gov/news-events/ics-advisories/icsa-24-284-18

Plugin Details

Severity: High

ID: 502654

Version: 1.2

Type: remote

Family: Tenable.ot

Published: 10/23/2024

Updated: 10/24/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:rockwellautomation:compactlogix_5480_firmware, cpe:/o:rockwellautomation:compact_guardlogix_5380_firmware, cpe:/o:rockwellautomation:controllogix_5580_firmware, cpe:/o:rockwellautomation:1756-en4tr_firmware, cpe:/o:rockwellautomation:compactlogix_5380_firmware, cpe:/o:rockwellautomation:guardlogix_5580_firmware

Required KB Items: Tenable.ot/Rockwell

Exploit Ease: No known exploits are available

Patch Publication Date: 10/10/2024

Vulnerability Publication Date: 10/7/2024

Reference Information

CVE: CVE-2024-8626

CWE: 400

ICSA: 24-284-18