#CVE-2024-6242

Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access

by

August 5, 2024 at 02:18AM A high-severity security bypass vulnerability (CVE-2024-6242, CVSS 8.4) in Rockwell Automation ControlLogix 1756 devices, disclosed by the U.S. Cybersecurity and Infrastructure Security Agency, allows attackers to execute CIP commands, potentially modifying user projects and device configuration. The vulnerability has been addressed in specific device versions after responsible disclosure. Claroty, the … Read more

Security Bypass Vulnerability Found in Rockwell Automation Logix Controllers 

by

August 2, 2024 at 08:12AM Rockwell Automation’s Logix programmable logic controllers (PLCs) were found to have a high-severity security bypass vulnerability by Claroty. The flaw, tracked as CVE-2024-6242, impacts ControlLogix 1756 devices and other controllers. Both Rockwell and CISA issued advisories and released patches. Exploitation requires network access to the targeted device, presenting serious implications. … Read more