TLDR:
Key Points:
- A high-severity security bypass vulnerability, CVE-2024-6242, was found in Rockwell Automation Logix controllers.
- The vulnerability allows threat actors to bypass the Trusted Slot feature in ControlLogix controllers, potentially modifying user projects and configurations.
Article Summary:
Organizations using certain Logix PLCs made by Rockwell Automation were alerted to a high-severity security bypass vulnerability discovered by Claroty researchers. The flaw, tracked as CVE-2024-6242, was found in ControlLogix 1756 devices, impacting GuardLogix and other controllers as well. Patches and mitigations have been released. The attack involves exploiting the trusted slot feature to bypass security boundaries, allowing threat actors to execute elevated commands. Although the vulnerability requires network access to the device, it could have serious implications, requiring immediate action by affected organizations.