8.7
CVE-2024-7515
- EPSS 0.2%
- Veröffentlicht 14.08.2024 20:15:13
- Zuletzt bearbeitet 04.03.2025 17:11:31
- Quelle PSIRT@rockwellautomation.com
- Teams Watchlist Login
- Unerledigt Login
CVE-2024-7515 IMPACT A denial-of-service vulnerability exists in the affected products. A malformed PTP management packet can cause a major nonrecoverable fault in the controller.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Rockwellautomation ≫ Compactlogix 5380 Firmware Version >= 28.011 < 34.014
Rockwellautomation ≫ Compactlogix 5380 Firmware Version35.011
Rockwellautomation ≫ Controllogix 5580 Firmware Version >= 28.011 < 34.014
Rockwellautomation ≫ Controllogix 5580 Firmware Version35.011
Rockwellautomation ≫ Guardlogix 5580 Firmware Version >= 31.011 < 34.014
Rockwellautomation ≫ Guardlogix 5580 Firmware Version35.011
Rockwellautomation ≫ Compact Guardlogix 5380 Sil 2 Firmware Version >= 31.011 < 34.014
Rockwellautomation ≫ Compact Guardlogix 5380 Sil 2 Firmware Version35.011
Rockwellautomation ≫ Compact Guardlogix 5380 Sil 3 Firmware Version >= 32.013 < 34.014
Rockwellautomation ≫ Compact Guardlogix 5380 Sil 3 Firmware Version35.011
Rockwellautomation ≫ Compactlogix 5480 Firmware Version >= 32.011 < 34.014
Rockwellautomation ≫ Compactlogix 5480 Firmware Version35.011
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.2% | 0.422 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| PSIRT@rockwellautomation.com | 8.7 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.