Rockwell Automation GuardLogix 5380 and 5580 Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Rockwell Automation's GuardLogix 5380 SIL3 and GuardLogix 5580 products, specifically in version 33.011. This vulnerability allows a remote, non-privileged user to send malicious requests that cause a major, non-recoverable fault, leading to a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a major, non-recoverable fault, resulting in a denial-of-service condition on the affected system.

Remediation

Users are advised to update to versions 33.017, 34.014, 35.013, 36.011 or later. Additionally, access to the task object should be restricted via CIP Security and Hard Run. For more information on mitigating security risks in industrial automation control systems, consult Rockwell Automation's security best practices.
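The update advice above can be checked against an asset inventory. The following is an added example, not Rockwell Automation's or this page's own code: it assumes the listed revisions are per-major-train minimums, reports trains before 33 as unknown because the advisory does not cover them, and uses constructed asset names and inventory rows.

```python
import re

# Fixed firmware revisions from the remediation text, keyed by major train.
# Assumption: each listed revision is the minimum fixed minor for its train.
FIXED = {33: 17, 34: 14, 35: 13, 36: 11}
# Product families named in the advisory.
FAMILIES = ("GuardLogix 5380", "GuardLogix 5580")
REV_RE = re.compile(r"^\s*[vV]?(\d{1,3})\.(\d{1,3})\s*$")


def assess(revision):
    """Classify one 'major.minor' revision string as 'ok', 'update' or 'unknown'."""
    m = REV_RE.match(revision or "")
    if not m:
        return "unknown"          # unparseable inventory value: check by hand
    major, minor = int(m.group(1)), int(m.group(2))
    if major > max(FIXED):
        return "ok"               # later than 36.x, covered by "or later"
    if major not in FIXED:
        return "unknown"          # trains before 33 are not addressed on the page
    return "ok" if minor >= FIXED[major] else "update"


def triage(inventory):
    """Return {asset: status} for in-scope controllers that are not confirmed fixed."""
    findings = {}
    for asset, model, revision in inventory:
        if not any(family in model for family in FAMILIES):
            continue              # product not named in this advisory
        status = assess(revision)
        if status != "ok":
            findings[asset] = status
    return findings


# Constructed sample inventory (asset name, model, firmware revision).
SAMPLE = [
    ("plc-line1", "GuardLogix 5580", "33.011"),
    ("plc-line2", "GuardLogix 5380 SIL3", "33.017"),
    ("plc-line3", "GuardLogix 5580", "35.012"),
    ("plc-line4", "GuardLogix 5580", "32.016"),
    ("hmi-line1", "HMI panel", "33.011"),
    ("plc-line6", "GuardLogix 5380 SIL3", "n/a"),
]

if __name__ == "__main__":
    for asset, status in triage(SAMPLE).items():
        print(f"{asset}: {status}")
```

Assets reported as unknown need a manual check of the running revision rather than being treated as fixed.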

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.3
impact: 2.5
exploitability: 7.0
remediation: 7.9
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.