CVE-2024-21916

Summary

A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault (MNRF). The device will restart itself to recover from the MNRF.

Affected Software

VendorProductVersion RangeStatus
Rockwell AutomationControlLogix® 557020.011affected
Rockwell AutomationGuardLogix® 557020.011affected
Rockwell AutomationControlLogix® 5570 redundant20.054_kit1affected

Weaknesses

  • CWE-119: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References