CVE-2024-2426 - Vulnerability Details - OpenCVE

A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 527 due to improper input validation in the device. If exploited, a disruption in the CIP communication will occur and a manual restart will be required by the user to recover it.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Rockwellautomation	Powerflex 527 Ac Drives Powerflex 527 Ac Drives Firmware

Configuration 1 [-]

AND

cpe:2.3:o:rockwellautomation:powerflex_527_ac_drives_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:rockwellautomation:powerflex_527_ac_drives:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html

History

Fri, 31 Jan 2025 16:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Rockwellautomation Rockwellautomation powerflex 527 Ac Drives Rockwellautomation powerflex 527 Ac Drives Firmware
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:h:rockwellautomation:powerflex_527_ac_drives:-:::::::* cpe:2.3:o:rockwellautomation:powerflex_527_ac_drives_firmware::::::::
Vendors & Products		Rockwellautomation Rockwellautomation powerflex 527 Ac Drives Rockwellautomation powerflex 527 Ac Drives Firmware

MITRE

Status: PUBLISHED

Assigner: Rockwell

Published: 2024-03-25T20:17:22.315Z

Updated: 2024-08-12T20:34:49.585Z

Reserved: 2024-03-13T14:45:10.183Z

Link: CVE-2024-2426

Vulnrichment

Updated: 2024-08-01T19:11:53.564Z

NVD

Status : Analyzed

Published: 2024-03-25T21:15:47.480

Modified: 2025-01-31T15:41:55.917

Link: CVE-2024-2426

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-2426", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2024-03-13T14:45:10.183Z", "datePublished": "2024-03-25T20:17:22.315Z", "dateUpdated": "2024-08-12T20:34:49.585Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "PowerFlex\u00ae 527", "vendor": "Rockwell Automation ", "versions": [{"status": "affected", "version": " v2.001.x <"}]}], "datePublic": "2024-03-21T13:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex\u00ae 527 due to improper input validation in the device. If exploited, a disruption in the CIP communication will occur and a manual restart will be required by the user to recover it.</span>\n\n"}], "value": "\nA denial-of-service vulnerability exists in the Rockwell Automation PowerFlex\u00ae 527 due to improper input validation in the device. If exploited, a disruption in the CIP communication will occur and a manual restart will be required by the user to recover it.\n\n"}], "impacts": [{"capecId": "CAPEC-153", "descriptions": [{"lang": "en", "value": "CAPEC-153 Input Data Manipulation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-03-25T20:18:33.240Z"}, "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p>There is no fix currently for this vulnerability. Users using the affected software are encouraged to apply risk mitigations and security best practices, where possible.</p><ul><li>Implement network segmentation confirming the device is on an isolated network.</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://literature.rockwellautomation.com/idc/groups/literature/documents/um/520-um002_-en-e.pdf\">Disable the web server</a>, if not needed. The web server is disabled by default. Disabling this feature is available in v2.001.x and later.</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a></li></ul>"}], "value": "\nThere is no fix currently for this vulnerability. Users using the affected software are encouraged to apply risk mitigations and security best practices, where possible.\n\n * Implement network segmentation confirming the device is on an isolated network.\n * Disable the web server https://literature.rockwellautomation.com/idc/groups/literature/documents/um/520-um002_-en-e.pdf , if not needed. The web server is disabled by default. Disabling this feature is available in v2.001.x and later.\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight \n\n"}], "source": {"discovery": "INTERNAL"}, "title": "Rockwell Automation - Denial-of-service and Input Validation Vulnerabilities in PowerFlex\u00ae 527", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:11:53.564Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "rockwellautomation", "product": "powerflex_527_ac_drives_firmware", "cpes": ["cpe:2.3:o:rockwellautomation:powerflex_527_ac_drives_firmware:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2.001.0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-03-26T19:57:16.261756Z", "id": "CVE-2024-2426", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-12T20:34:49.585Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:11:53.564Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-2426", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-26T19:57:16.261756Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:rockwellautomation:powerflex_527_ac_drives_firmware:*:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "powerflex_527_ac_drives_firmware", "versions": [{"status": "affected", "version": "2.001.0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-12T20:34:45.935Z"}}], "cna": {"title": "Rockwell Automation - Denial-of-service and Input Validation Vulnerabilities in PowerFlex\u00ae 527", "source": {"discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-153", "descriptions": [{"lang": "en", "value": "CAPEC-153 Input Data Manipulation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Rockwell Automation ", "product": "PowerFlex\u00ae 527", "versions": [{"status": "affected", "version": " v2.001.x <"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "\nThere is no fix currently for this vulnerability. Users using the affected software are encouraged to apply risk mitigations and security best practices, where possible.\n\n * Implement network segmentation confirming the device is on an isolated network.\n * Disable the web server https://literature.rockwellautomation.com/idc/groups/literature/documents/um/520-um002_-en-e.pdf , if not needed. The web server is disabled by default. Disabling this feature is available in v2.001.x and later.\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight \n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<p>There is no fix currently for this vulnerability. Users using the affected software are encouraged to apply risk mitigations and security best practices, where possible.</p><ul><li>Implement network segmentation confirming the device is on an isolated network.</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://literature.rockwellautomation.com/idc/groups/literature/documents/um/520-um002_-en-e.pdf\">Disable the web server</a>, if not needed. The web server is disabled by default. Disabling this feature is available in v2.001.x and later.</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a></li></ul>", "base64": false}]}], "datePublic": "2024-03-21T13:00:00.000Z", "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\nA denial-of-service vulnerability exists in the Rockwell Automation PowerFlex\u00ae 527 due to improper input validation in the device. If exploited, a disruption in the CIP communication will occur and a manual restart will be required by the user to recover it.\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex\u00ae 527 due to improper input validation in the device. If exploited, a disruption in the CIP communication will occur and a manual restart will be required by the user to recover it.</span>\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-03-25T20:18:33.240Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2426", "state": "PUBLISHED", "dateUpdated": "2024-08-12T20:34:49.585Z", "dateReserved": "2024-03-13T14:45:10.183Z", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "datePublished": "2024-03-25T20:17:22.315Z", "assignerShortName": "Rockwell"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:powerflex_527_ac_drives_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E82898F9-5FA5-428C-AEDA-20E7CD6C229D", "versionStartIncluding": "2.001", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:powerflex_527_ac_drives:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CDCC60A-0792-4CE4-B73A-07BD1368AC83", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\nA denial-of-service vulnerability exists in the Rockwell Automation PowerFlex\u00ae 527 due to improper input validation in the device. If exploited, a disruption in the CIP communication will occur and a manual restart will be required by the user to recover it.\n\n"}, {"lang": "es", "value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio en Rockwell Automation PowerFlex\u00ae 527 debido a una validaci\u00f3n de entrada incorrecta en el dispositivo. Si se explota, se producir\u00e1 una interrupci\u00f3n en la comunicaci\u00f3n CIP y el usuario deber\u00e1 reiniciar manualmente para recuperarla."}], "id": "CVE-2024-2426", "lastModified": "2025-01-31T15:41:55.917", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-03-25T21:15:47.480", "references": [{"source": "PSIRT@rockwellautomation.com", "tags": ["Vendor Advisory"], "url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}