Rockwell Automation’s 5015-U8IHFT I/O Module: The Denial-of-Service Drama You Didn’t Know You Needed

View CSAF: Rockwell Automation’s 5015-U8IHFT I/O module has an improper input validation flaw, CVE-2024-45825, with a CVSS v4 score of 8.7. Exploitable remotely, it can cause a denial-of-service. Update to version 2.011 or follow best practices to mitigate risks.

Hot Take:

Looks like Rockwell Automation’s 5015-U8IHFT module has a new party trick: it can throw a major hissy fit and shut down when it gets a weird network message. Who knew denial-of-service could be so dramatic?

Key Points:

  • CVSS v4 score of 8.7 (that’s pretty severe!)
  • Exploitable remotely with low attack complexity
  • Vulnerability affects Rockwell Automation’s 5015-U8IHFT I/O module, versions 1.012 and prior
  • Successful exploitation can cause a denial-of-service condition
  • Update to version 2.011 to fix the issue

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here