8.7
CVE-2024-7507
- EPSS 0.08%
- Published 14.08.2024 20:15:12
- Last modified 04.03.2025 17:11:31
- Source PSIRT@rockwellautomation.com
- Teams watchlist Login
- Open Login
CVE-2024-7507 IMPACT A denial-of-service vulnerability exists in the affected products. This vulnerability occurs when a malformed PCCC message is received, causing a fault in the controller.
Data is provided by the National Vulnerability Database (NVD)
Rockwellautomation ≫ Compactlogix 5380 Firmware Version >= 28.011 < 34.014
Rockwellautomation ≫ Compactlogix 5380 Firmware Version35.011
Rockwellautomation ≫ Controllogix 5580 Firmware Version >= 28.011 < 34.014
Rockwellautomation ≫ Controllogix 5580 Firmware Version35.011
Rockwellautomation ≫ Guardlogix 5580 Firmware Version >= 31.011 < 34.014
Rockwellautomation ≫ Guardlogix 5580 Firmware Version35.011
Rockwellautomation ≫ Compact Guardlogix 5380 Sil 2 Firmware Version >= 31.011 < 34.014
Rockwellautomation ≫ Compact Guardlogix 5380 Sil 2 Firmware Version35.011
Rockwellautomation ≫ Compact Guardlogix 5380 Sil 3 Firmware Version >= 32.013 < 34.014
Rockwellautomation ≫ Compact Guardlogix 5380 Sil 3 Firmware Version35.011
Rockwellautomation ≫ Compactlogix 5480 Firmware Version >= 32.011 < 34.014
Rockwellautomation ≫ Compactlogix 5480 Firmware Version35.011
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.255 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| PSIRT@rockwellautomation.com | 8.7 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.