April 30, 2024
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Popular PuTTY SSH Client Open to be Targeted in Key Recovery Attacks
April 17, 2024A New Raspberry Robin Malware – Active IOCs
April 17, 2024Popular PuTTY SSH Client Open to be Targeted in Key Recovery Attacks
April 17, 2024A New Raspberry Robin Malware – Active IOCs
April 17, 2024
Severity
High
Analysis Summary
CVE-2024-3493
Rockwell Automation ControlLogix and GuardLogix are vulnerable to a denial of service, caused by improper validation for packets. By sending malformed fragmented packets, a remote attacker could exploit this vulnerability to cause a major nonrecoverable fault, leading to a denial of service condition.
Impact
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-3493
Affected Vendors
Rockwell Automation
Affected Products
- Rockwell Automation ControlLogix 5580 v35.011
- Rockwell Automation GuardLogix 5580 v35.011
- Rockwell Automation CompactLogix 5380 v5.001
- Rockwell Automation 1756-EN4TR v5.001
Remediation
Refer to Rockwell Automation Security Document for patch, upgrade or suggested workaround information.