Rockwell Automation GuardLogix 5380 and 5580 (Update A)

Back to Archive

Source

CISA_ICS

Published

2-4-2025

CVE IDs

CVE-2025-24478

Affected Products

GuardLogix 5580 (SIL 3 with the safety partner 3), Compact GuardLogix 5380 SIL 3

Summary

Successful exploitation of this vulnerability could allow a remote, non-privileged user to send malicious requests resulting in a major nonrecoverable fault causing a denial-of-service condition.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-02https://www.cve.org/CVERecord?id=CVE-2025-24478https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H