CVE-2024-7515

moderate-risk
Published 2024-08-14

CVE-2024-7515 IMPACT A denial-of-service vulnerability exists in the affected products. A malformed PTP management packet can cause a major nonrecoverable fault in the controller.

Do I need to act?

-
0.16% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (12)

Compactlogix 5380 Firmware
Compactlogix 5380 Firmware
Controllogix 5580 Firmware
Controllogix 5580 Firmware
Guardlogix 5580 Firmware
Guardlogix 5580 Firmware
Compact Guardlogix 5380 Sil 2 Firmware
Compact Guardlogix 5380 Sil 2 Firmware
Compact Guardlogix 5380 Sil 3 Firmware
Compact Guardlogix 5380 Sil 3 Firmware
Compactlogix 5480 Firmware
Compactlogix 5480 Firmware

Affected Vendors

Rockwellautomation

References (1)

Vendor Advisory https://www.rockwellautomation.com/en-us/trust-center/security-advisories/adviso...
44
/ 100
moderate-risk
Severity 26/34 · High
Exploitability 1/34 · Minimal
Exposure 17/34 · Moderate