Vulnerability Details CVE-2024-8626
Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.3%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2024-8626
-
cpe:2.3:h:rockwellautomation:1756-en4tr:-
-
cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-
-
cpe:2.3:h:rockwellautomation:compactlogix_5380:-
-
cpe:2.3:h:rockwellautomation:compactlogix_5480:-
-
cpe:2.3:h:rockwellautomation:controllogix_5580:-
-
cpe:2.3:h:rockwellautomation:guardlogix_5580:-
-
cpe:2.3:o:rockwellautomation:1756-en4tr_firmware:3.002
-
cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:33.011
-
cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:33.012
-
cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:33.011
-
cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:33.012
-
cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:33.011
-
cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:33.012
-
cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:33.011
-
cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:33.012
-
cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:33.011
-
cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:33.012