{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2024-5659",
        "ASSIGNER": "PSIRT@rockwellautomation.com",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to enter a major nonrecoverable fault (MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device would be compromised."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-670 Always-Incorrect Control Flow Implementation",
                        "cweId": "CWE-670"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Rockwell Automation",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "ControlLogix\u00ae 5580",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "34.011"
                                        }
                                    ]
                                }
                            },
                            {
                                "product_name": "GuardLogix 5580",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "34.011"
                                        }
                                    ]
                                }
                            },
                            {
                                "product_name": "1756-EN4",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "4.001"
                                        }
                                    ]
                                }
                            },
                            {
                                "product_name": "CompactLogix 5380",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "34.011"
                                        }
                                    ]
                                }
                            },
                            {
                                "product_name": "Compact GuardLogix 5380",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "34.011"
                                        }
                                    ]
                                }
                            },
                            {
                                "product_name": "CompactLogix 5480",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "34.011"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html",
                "refsource": "MISC",
                "name": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1673.html"
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.2.0"
    },
    "source": {
        "discovery": "EXTERNAL"
    },
    "solution": [
        {
            "lang": "en",
            "supportingMedia": [
                {
                    "base64": false,
                    "type": "text/html",
                    "value": "\n\n<table><tbody><tr><td><p>Affected Product</p></td><td><p>First Known in firmware revision</p></td><td><p>Corrected in firmware revision</p></td></tr><tr><td><p>ControlLogix\u00ae 5580</p></td><td><p>V34.011</p></td><td><p>V34.014, V35.013, V36.011 and later</p></td></tr><tr><td><p>GuardLogix 5580</p></td><td><p>V34.011</p></td><td><p>V34.014, V35.013, V36.011 and later </p></td></tr><tr><td><p>1756-EN4</p></td><td><p>V4.001</p></td><td><p>V6.001 and later</p></td></tr><tr><td><p>CompactLogix 5380</p></td><td><p>V34.011</p></td><td><p>V34.014, V35.013, V36.011 and later </p></td></tr><tr><td><p><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">Compact GuardLogix </a><b>&nbsp;</b>5380</p></td><td><p>V34.011</p></td><td><p>V34.014, V35.013, V36.011 and later </p></td></tr><tr><td><p>CompactLogix 5480</p></td><td><p>V34.011</p></td><td><p>V34.014, V35.013, V36.011 and later</p></td></tr></tbody></table><br>\n\n<p><b>Mitigations and Workarounds</b></p><p>Users using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply the risk mitigations, where possible.</p><p>\u00b7 &nbsp; &nbsp; &nbsp; Users who do not use <a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">Automatic Policy Deployment (APD)</a>&nbsp;should block <a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">mDNS port, 5353</a>&nbsp;to help prevent communication.</p><p>\u00b7 &nbsp; &nbsp; &nbsp; Enable CIP <a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\"></a><a target=\"_blank\" rel=\"nofollow\">Security. 
</a><a target=\"_blank\" rel=\"nofollow\" href=\"https://literature.rockwellautomation.com/idc/groups/literature/documents/at/secure-at001_-en-p.pdf\">CIP Security with Rockwell Automation Products Application Technique</a></p><p>\u00b7 &nbsp; &nbsp; &nbsp; <a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a></p>\n\n<br>"
                }
            ],
            "value": "Affected Product\n\nFirst Known in firmware revision\n\nCorrected in firmware revision\n\nControlLogix\u00ae 5580\n\nV34.011\n\nV34.014, V35.013, V36.011 and later\n\nGuardLogix 5580\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\n1756-EN4\n\nV4.001\n\nV6.001 and later\n\nCompactLogix 5380\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\nCompact GuardLogix 5380\n\nV34.011\n\nV34.014, V35.013, V36.011 and later \n\nCompactLogix 5480\n\nV34.011\n\nV34.014, V35.013, V36.011 and later\n\n\n\n\nMitigations and Workarounds\n\nUsers using the affected software and who are not able to upgrade to one of the corrected versions are encouraged to apply the risk mitigations, where possible.\n\n\u00b7 \u00a0 \u00a0 \u00a0 Users who do not use Automatic Policy Deployment (APD) should block mDNS port, 5353 to help prevent communication.\n\n\u00b7 \u00a0 \u00a0 \u00a0 Enable CIP Security. CIP Security with Rockwell Automation Products Application Technique https://literature.rockwellautomation.com/idc/groups/literature/documents/at/secure-at001_-en-p.pdf \n\n\u00b7 \u00a0 \u00a0 \u00a0 Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
        }
    ]
}