CVE-2024-6436
| Summary |
An input validation vulnerability exists in the Rockwell Automation Sequence Manager™ which could allow a malicious user to send malformed packets to the server and cause a denial-of-service condition. If exploited, the device would become unresponsive, and a manual restart will be required for recovery. Additionally, if exploited, there could be a loss of view for the downstream equipment sequences in the controller. Users would not be able to view the status or command the equipment sequences, however the equipment sequence would continue to execute uninterrupted.
|
| Publication Date |
Sept. 28, 2024, 5:15 a.m. |
| Registration Date |
Sept. 28, 2024, noon |
| Last Update |
Sept. 30, 2024, 9:45 p.m. |
Related information, measures and tools
Common Vulnerabilities List
JVN Vulnerability Information
Rockwell Automation 製 SequenceManager における不適切な入力確認の脆弱性
| Title |
Rockwell Automation 製 SequenceManager における不適切な入力確認の脆弱性
|
| Summary |
Rockwell Automation が提供する SequenceManager には、次の脆弱性が存在します。 * 不適切な入力確認(CWE-20)− CVE-2024-6436
|
| Possible impacts |
脆弱性を悪用された場合、次のような影響を受ける可能性があります。 * サービス運用妨害(DoS)状態にされる |
| Solution |
[アップデートする] 開発者は、アップデートを提供しています。 詳細は、開発者が提供する情報を確認してください。 |
| Publication Date |
Oct. 2, 2024, midnight |
| Registration Date |
Oct. 3, 2024, 12:26 p.m. |
| Last Update |
Oct. 3, 2024, 12:26 p.m. |
Affected System
| Rockwell Automation |
|
SequenceManager 2.0より前のバージョン
|
CVE (情報セキュリティ 共通脆弱性識別子)
CWE (共通脆弱性タイプ一覧)
ベンダー情報
その他
Change Log
| No |
Changed Details |
Date of change |
| 1 |
[2024年10月03日] 掲載 |
Oct. 3, 2024, 11:51 a.m. |