Loading

Chassis Restrictions Bypass Vulnerability in Select Logix Devices

Severity:
High
Advisory ID:
SD1682
Data pubblicazione:
July 31, 2024
Ultimo aggiornamento:
October 16, 2024
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
No
Corrected:
Workaround:
CVE IDs
CVE-2024-6242
Download
The following link(s) provide the security advisory in Vulnerability Exploitability Exchange format:
JSON
Riepilogo
Chassis Restrictions Bypass Vulnerability in Select Logix Devices

Published Date: August 1, 2024

Last updated: August 29th, 2024 

Revision Number: 2.0

    August 29, 2024 - Updated Affected Products and Solution Chart  for 1756-EN2T, 1756-EN2F, 1756-EN2TR, 1756-EN3TR

CVSS Score: 3.1: 8.4/10, 4.0:/8.5

 

AFFECTED PRODUCTS AND SOLUTION

Affected Product

First Known in Firmware Revision

Corrected in Firmware Revision

ControlLogix® 5580 (1756-L8z)

V28

 V32.016, V33.015, V34.014,
V35.011 and later

GuardLogix® 5580  (1756-L8zS)

V31

V32.016, V33.015, V34.014,
V35.011 and later

1756-EN4TR

V2

V5.001 and later

1756-EN2T , Series A/B/C

1756-EN2F, Series A/B

1756-EN2TR, Series A/B

1756-EN3TR, Series A

v5.007(unsigned)/v5.027(signed)

No fix for Series A/B/C. Upgrade to Series D.

No fix for Series A/B. Upgrade to Series C.

No fix for Series A/B. Upgrade to Series C.

No fix for Series A. Upgrade to Series B.

1756-EN2T, Series D

1756-EN2F, Series C

1756-EN2TR, Series C

1756-EN3TR, Series B

1756-EN2TP, Series A

1756-EN2T/D: V10.006

1756-EN2F/C: V10.009

1756-EN2TR/C: V10.007

1756-EN3TR/B: V10.007

1756-EN2TP/A: V10.020

V12.001  and later

 

VULNERABILITY DETAILS

Rockwell Automation used version 3.1 and 4.0 of the CVSS scoring system to assess the following vulnerabilities. Claroty reported the following vulnerability. 

CVE-2024-6242 IMPACT                                                                                                                                       

A vulnerability exists in the affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device configuration on a Logix controller in the chassis.  

CVSS Base Score v3.1: 8.4/10 

CVSS Vector: CVSS:3.1 /AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:H

CVSS Base Score v4.0: 7.3/10

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H

CWE-420: Unprotected Alternate Channel

Known Exploited Vulnerability (KEV) database:  No

Users can use Stakeholder-Specific Vulnerability Categorization  to generate more environment-specific prioritization.

Mitigations and Workarounds 

Users using the affected firmware and who are not able to upgrade to one of the corrected versions are encouraged to apply the following mitigation and security best practices, where possible. 

·       Limit the allowed CIP commands on controllers by setting the mode switch to the RUN position.

·       Security Best Practices

 ADDITIONAL RESOURCES

The following link provides CVE information in Vulnerability Exploitability Exchange (VEX) format, which is machine readable and can be used to automate vulnerability management and tracking activities.    

·       JSON CVE 2024-6242

·       System Security Design Guidelines

Copyright ©2022 Rockwell Automation, Inc.