Vulnerability CVE-2024-6098


Published: 2024-08-16

Description:
When performing an online tag generation to devices which communicate
using the ControlLogix protocol, a machine-in-the-middle, or a device
that is not configured correctly, could deliver a response leading to
unrestricted or unregulated resource allocation. This could cause a
denial-of-service condition and crash the Kepware application. By
default, these functions are turned off, yet they remain accessible for
users who recognize and require their advantages.

Type:

CWE-770

 References:
https://www.cisa.gov/news-events/ics-advisories/icsa-24-228-11
https://www.ptc.com/en/support/article/CS423892

Copyright 2025, cxsecurity.com

 

Back to Top