CVE-2024-8626

Oct. 10, 2024, 12:56 p.m.

Tags

CWE-400
PSIRT@rockwellautomation.com
2024-10-08
CVE-2024-8626

Product(s) Impacted

Rockwell Automation

Description

Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require a power cycle to recover.

Weaknesses

CWE-400
Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

CWE ID: 400

Date

Published: Oct. 8, 2024, 5:15 p.m.

Last Modified: Oct. 10, 2024, 12:56 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

PSIRT@rockwellautomation.com

References

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1706.html
PSIRT@rockwellautomation.com