CVE-2024-21916

Rockwell Automation Denial-of-service Vulnerability in ICE1 Controller

Description

A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix ang GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault (MNRF). The device will restart itself to recover from the MNRF.

Remediation

Solution:

* Update to corrected Firmware. Affected Product First Known in Firmware Corrected in Firmware ControlLogix® 5570 20.011 v33.016, 34.013, 35.012, 36.011 and later GuardLogix® 5570 20.011 v33.016, 34.013, 35.012, 36.011 and later ControlLogix® 5570 redundant 20.054_kit1 v33.053_kit1, 34.052_kit1, 35.052_kit1, 36.051_kit1 and late

References

Link	Tags
https://www.rockwellautomation.com/en-us/support/advisory.SD1661.html	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2024-21916?: CVE-2024-21916 has been scored as a high severity vulnerability.
How to fix CVE-2024-21916?: To fix CVE-2024-21916: * Update to corrected Firmware. Affected Product First Known in Firmware Corrected in Firmware ControlLogix® 5570 20.011 v33.016, 34.013, 35.012, 36.011 and later GuardLogix® 5570 20.011 v33.016, 34.013, 35.012, 36.011 and later ControlLogix® 5570 redundant 20.054_kit1 v33.053_kit1, 34.052_kit1, 35.052_kit1, 36.051_kit1 and late
Is CVE-2024-21916 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-21916 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-21916?: CVE-2024-21916 affects Rockwell Automation ControlLogix® 5570, Rockwell Automation GuardLogix® 5570, Rockwell Automation ControlLogix® 5570 redundant.

Description

Remediation

Category

CWE-119 – Improper Restriction of Operations within the Bounds of a Memory Buffer

References

Frequently Asked Questions