ICS: Rockwell Automation GuardLogix/ControlLogix Vulnerability

Severity

High

Analysis Summary

CVE-2024-40619

Rockwell Automation GuardLogix/ControlLogix 5580 Controller is vulnerable to a denial of service, caused by an error in packet handling. By sending a specially crafted CIP packet, a remote attacker could exploit this vulnerability to cause a denial of service.

Impact

Denial of Service

Indicators of Compromise

CVE

CVE-2024-40619

Affected Vendors

Rockwell Automation

Affected Products

Rockwell Automation ControlLogix® 5580 - 34.011
Rockwell Automation GuardLogix 5580 - 34.011

Remediation

Upgrade to the latest version of GuardLogix 5580, available from the Rockwell Automation Website.

Rockwell Automation Website

An Emerging Ducktail Infostealer – Active IOCs

Multiple Google Android Vulnerabilities

ICS: Rockwell Automation GuardLogix/ControlLogix Vulnerability

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan