Published Date: August 1, 2024
Last updated: August 29th, 2024
Revision Number: 2.0
August 29, 2024 - Updated Affected Products and Solution Chart for 1756-EN2T, 1756-EN2F, 1756-EN2TR, 1756-EN3TR
CVSS Score: 3.1: 8.4/10, 4.0:/8.5
AFFECTED PRODUCTS AND SOLUTION
Corrected in Firmware Revision |
||
ControlLogix® 5580 (1756-L8z) |
V28 |
V32.016, V33.015, V34.014,
|
GuardLogix® 5580 (1756-L8zS) |
V31 |
V32.016, V33.015, V34.014, |
1756-EN4TR |
V2 |
V5.001 and later |
1756-EN2T , Series A/B/C 1756-EN2F, Series A/B 1756-EN2TR, Series A/B 1756-EN3TR, Series A |
v5.007(unsigned)/v5.027(signed) |
No fix for Series A/B/C. Upgrade to Series D. No fix for Series A/B. Upgrade to Series C. No fix for Series A/B. Upgrade to Series C. No fix for Series A. Upgrade to Series B. |
1756-EN2T, Series D 1756-EN2F, Series C 1756-EN2TR, Series C 1756-EN3TR, Series B 1756-EN2TP, Series A |
1756-EN2T/D: V10.006 1756-EN2F/C: V10.009 1756-EN2TR/C: V10.007 1756-EN3TR/B: V10.007 1756-EN2TP/A: V10.020 |
V12.001 and later |
VULNERABILITY DETAILS
CVE-2024-6242 IMPACT
A vulnerability exists in the affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device configuration on a Logix controller in the chassis.
CVSS Base Score v3.1: 8.4/10
CVSS Vector: CVSS:3.1 /AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:H
CVSS Base Score v4.0: 7.3/10
CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H
CWE: CWE-420: Unprotected Alternate Channel
Known Exploited Vulnerability (KEV) database: No
Users can use Stakeholder-Specific Vulnerability Categorization to generate more environment-specific prioritization.
Mitigations and Workarounds
Users using the affected firmware and who are not able to upgrade to one of the corrected versions are encouraged to apply the following mitigation and security best practices, where possible.
· Limit the allowed CIP commands on controllers by setting the mode switch to the RUN position.
ADDITIONAL RESOURCES
The following link provides CVE information in Vulnerability Exploitability Exchange (VEX) format, which is machine readable and can be used to automate vulnerability management and tracking activities.