June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Threat Actors Breach Construction Companies by Exploiting FOUNDATION Software’s Default Credentials
September 20, 2024
An Emerging Ducktail Infostealer – Active IOCs
September 20, 2024
Threat Actors Breach Construction Companies by Exploiting FOUNDATION Software’s Default Credentials
September 20, 2024
An Emerging Ducktail Infostealer – Active IOCs
September 20, 2024
Severity
High
Analysis Summary
CVE-2024-7847
Rockwell Automation RSLogix 5 and RSLogix 500 could allow a local attacker to execute arbitrary code on the system, caused by insufficient verification of data authenticity. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators of Compromise
CVE
- CVE-2024-7847
Affected Vendors
Rockwell Automation
Affected Products
- Rockwell Automation RSLogix Micro Developer and Starter
- Rockwell Automation RSLogix 500
- Rockwell Automation RSLogix 5
Remediation
Refer to Rockwell Automation Website for patch, upgrade or suggested workaround information.
