CVE-2024-2427 - Vulnerability Details - OpenCVE

A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 527 due to improper traffic throttling in the device. If multiple data packets are sent to the device repeatedly the device will crash and require a manual restart to recover.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Rockwellautomation	Powerflex 527 Ac Drives Powerflex 527 Ac Drives Firmware

Configuration 1 [-]

AND

cpe:2.3:o:rockwellautomation:powerflex_527_ac_drives_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:rockwellautomation:powerflex_527_ac_drives:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html

History

Fri, 31 Jan 2025 16:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Rockwellautomation Rockwellautomation powerflex 527 Ac Drives Rockwellautomation powerflex 527 Ac Drives Firmware
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:h:rockwellautomation:powerflex_527_ac_drives:-:::::::* cpe:2.3:o:rockwellautomation:powerflex_527_ac_drives_firmware::::::::
Vendors & Products		Rockwellautomation Rockwellautomation powerflex 527 Ac Drives Rockwellautomation powerflex 527 Ac Drives Firmware

MITRE

Status: PUBLISHED

Assigner: Rockwell

Published: 2024-03-25T20:20:41.295Z

Updated: 2024-08-21T14:57:19.700Z

Reserved: 2024-03-13T14:46:09.865Z

Link: CVE-2024-2427

Vulnrichment

Updated: 2024-08-01T19:11:53.547Z

NVD

Status : Analyzed

Published: 2024-03-25T21:15:47.660

Modified: 2025-01-31T15:41:57.463

Link: CVE-2024-2427

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-2427", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2024-03-13T14:46:09.865Z", "datePublished": "2024-03-25T20:20:41.295Z", "dateUpdated": "2024-08-21T14:57:19.700Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "PowerFlex\u00ae 527", "vendor": "Rockwell Automation ", "versions": [{"status": "affected", "version": " v2.001.x <"}]}], "datePublic": "2024-03-21T13:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex\u00ae 527 due to improper traffic throttling in the device. If multiple data packets are sent to the device repeatedly the device will crash and require a manual restart to recover.</span>\n\n"}], "value": "\nA denial-of-service vulnerability exists in the Rockwell Automation PowerFlex\u00ae 527 due to improper traffic throttling in the device. If multiple data packets are sent to the device repeatedly the device will crash and require a manual restart to recover.\n\n"}], "impacts": [{"capecId": "CAPEC-153", "descriptions": [{"lang": "en", "value": "CAPEC-153 Input Data Manipulation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-03-25T20:20:41.295Z"}, "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p>There is no fix currently for this vulnerability. Users using the affected software are encouraged to apply risk mitigations and security best practices, where possible.</p><ul><li>Implement network segmentation confirming the device is on an isolated network.</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://literature.rockwellautomation.com/idc/groups/literature/documents/um/520-um002_-en-e.pdf\">Disable the web server</a>, if not needed. The web server is disabled by default. Disabling this feature is available in v2.001.x and later.</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a></li></ul>"}], "value": "\nThere is no fix currently for this vulnerability. Users using the affected software are encouraged to apply risk mitigations and security best practices, where possible.\n\n * Implement network segmentation confirming the device is on an isolated network.\n * Disable the web server https://literature.rockwellautomation.com/idc/groups/literature/documents/um/520-um002_-en-e.pdf , if not needed. The web server is disabled by default. Disabling this feature is available in v2.001.x and later.\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight \n\n"}], "source": {"discovery": "INTERNAL"}, "title": "Rockwell Automation - Denial-of-service and Input Validation Vulnerabilities in PowerFlex\u00ae 527", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:11:53.547Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "rockwellautomation", "product": "powerflex_527_ac_drives_firmware", "cpes": ["cpe:2.3:o:rockwellautomation:powerflex_527_ac_drives_firmware:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2.001.0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-21T14:54:12.568778Z", "id": "CVE-2024-2427", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-21T14:57:19.700Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:11:53.547Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-2427", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-21T14:54:12.568778Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:rockwellautomation:powerflex_527_ac_drives_firmware:*:*:*:*:*:*:*:*"], "vendor": "rockwellautomation", "product": "powerflex_527_ac_drives_firmware", "versions": [{"status": "affected", "version": "2.001.0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-21T14:56:53.808Z"}}], "cna": {"title": "Rockwell Automation - Denial-of-service and Input Validation Vulnerabilities in PowerFlex\u00ae 527", "source": {"discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-153", "descriptions": [{"lang": "en", "value": "CAPEC-153 Input Data Manipulation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Rockwell Automation ", "product": "PowerFlex\u00ae 527", "versions": [{"status": "affected", "version": " v2.001.x <"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "\nThere is no fix currently for this vulnerability. Users using the affected software are encouraged to apply risk mitigations and security best practices, where possible.\n\n * Implement network segmentation confirming the device is on an isolated network.\n * Disable the web server https://literature.rockwellautomation.com/idc/groups/literature/documents/um/520-um002_-en-e.pdf , if not needed. The web server is disabled by default. Disabling this feature is available in v2.001.x and later.\n * Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight \n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<p>There is no fix currently for this vulnerability. Users using the affected software are encouraged to apply risk mitigations and security best practices, where possible.</p><ul><li>Implement network segmentation confirming the device is on an isolated network.</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://literature.rockwellautomation.com/idc/groups/literature/documents/um/520-um002_-en-e.pdf\">Disable the web server</a>, if not needed. The web server is disabled by default. Disabling this feature is available in v2.001.x and later.</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight\">Security Best Practices</a></li></ul>", "base64": false}]}], "datePublic": "2024-03-21T13:00:00.000Z", "references": [{"url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\nA denial-of-service vulnerability exists in the Rockwell Automation PowerFlex\u00ae 527 due to improper traffic throttling in the device. If multiple data packets are sent to the device repeatedly the device will crash and require a manual restart to recover.\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex\u00ae 527 due to improper traffic throttling in the device. If multiple data packets are sent to the device repeatedly the device will crash and require a manual restart to recover.</span>\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2024-03-25T20:20:41.295Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2427", "state": "PUBLISHED", "dateUpdated": "2024-08-21T14:57:19.700Z", "dateReserved": "2024-03-13T14:46:09.865Z", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "datePublished": "2024-03-25T20:20:41.295Z", "assignerShortName": "Rockwell"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:powerflex_527_ac_drives_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E82898F9-5FA5-428C-AEDA-20E7CD6C229D", "versionStartIncluding": "2.001", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:powerflex_527_ac_drives:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CDCC60A-0792-4CE4-B73A-07BD1368AC83", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\nA denial-of-service vulnerability exists in the Rockwell Automation PowerFlex\u00ae 527 due to improper traffic throttling in the device. If multiple data packets are sent to the device repeatedly the device will crash and require a manual restart to recover.\n\n"}, {"lang": "es", "value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio en Rockwell Automation PowerFlex\u00ae 527 debido a una limitaci\u00f3n inadecuada del tr\u00e1fico en el dispositivo. Si se env\u00edan varios paquetes de datos al dispositivo repetidamente, el dispositivo fallar\u00e1 y requerir\u00e1 un reinicio manual para recuperarse."}], "id": "CVE-2024-2427", "lastModified": "2025-01-31T15:41:57.463", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-03-25T21:15:47.660", "references": [{"source": "PSIRT@rockwellautomation.com", "tags": ["Vendor Advisory"], "url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.rockwellautomation.com/en-us/support/advisory.SD1664.html"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}