CVE-2024-3493
CVSS 3.1 Score 8.6 of 10 (high)
Details
Published Apr 15, 2024
Updated: Apr 16, 2024
CWE ID 20
Summary
CVE-2024-3493 is a vulnerability affecting Rockwell Automation's ControlLogix 5580, Guard Logix, CompactLogix 5380, and 1756-EN4TR. This issue involves a malformed fragmented packet that can cause a major nonrecoverable fault (MNRF), leading to the affected product becoming unavailable and requiring manual restart. Such an event could also result in a loss of view and control over connected devices. Automatically generated fragmented packets from devices sending large amounts of data can potentially trigger this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share