CVE-2024-7515

Name of the Vulnerable Software and Affected Versions Rockwell Automation ControlLogix/GuardLogix 5580 versions (affected versions not specified) Rockwell Automation CompactLogix/Compact GuardLogix 5380 versions (affected versions not specified)

Description The issue is related to errors in processing input data, which can be exploited by a remote attacker to cause a denial-of-service by sending a specially crafted PTP packet. This can result in a major nonrecoverable fault in the controller.

Recommendations For Rockwell Automation ControlLogix/GuardLogix 5580, consider restricting access to the PTP management packet handling functionality until a patch is available. For Rockwell Automation CompactLogix/Compact GuardLogix 5380, avoid using the PTP protocol in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.