PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-23315 AutomationDirect CVE debrief

A read-what-where vulnerability in AutomationDirect Productivity PLCs allows unauthenticated remote attackers to disclose sensitive information via specially crafted network packets targeting the Programming Software Connection IMM 01A1 Memory Read functionality. The vulnerability affects multiple Productivity series CPUs across firmware and software versions, with a CVSS 3.1 score of 7.5 (HIGH). Published by CISA on May 23, 2024, this vulnerability requires no authentication and can be triggered remotely, making it particularly dangerous for industrial control systems exposed to network access.

Vendor: AutomationDirect
Product: Productivity 3000 P3-550E CPU
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-05-23
Original CVE updated: 2024-05-23
Advisory published: 2024-05-23
Advisory updated: 2024-05-23

Who should care

Organizations operating AutomationDirect Productivity series PLCs in industrial environments should care, particularly those with devices connected to networks. Critical infrastructure operators, manufacturing facilities, and any industrial automation deployments using affected P3-550E, P3-550, P3-530, P2-550, P1-550, or P1-540 CPU models should prioritize assessment and remediation. Security teams responsible for OT/ICS network segmentation and access control should evaluate exposure of these devices.

Technical summary

This vulnerability exists in the Programming Software Connection IMM 01A1 Memory Read functionality of AutomationDirect Productivity PLCs. The read-what-where condition allows an unauthenticated attacker to send a specially crafted network packet that results in disclosure of sensitive information from device memory. The attack vector is network-based, requires no authentication, no privileges, and no user interaction. Affected devices span the Productivity 1000, 2000, and 3000 series with specific firmware versions (1.2.10.9 for P3 series, 1.2.10.10 for P2/P1 series) and software version 4.1.1.10. The CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N reflects network accessibility, low attack complexity, no required privileges or user interaction, and high impact to confidentiality with no integrity or availability impact.

Defensive priority

HIGH

Recommended defensive actions

  • Update Productivity Suite programming software to version 4.2.0.x or higher
  • Update Productivity PLC firmware to the latest available version
  • Physically disconnect affected PLCs from external networks including internet and LANs
  • Implement network segmentation to isolate PLCs from other organizational systems
  • Configure firewall rules or network access control (NAC) policies to block traffic to affected PLCs
  • Conduct thorough network security analysis to determine appropriate security levels for automation control systems
  • Review AutomationDirect security considerations documentation for additional hardening guidance
  • Contact AutomationDirect Technical Support at 770-844-4200 or 800-633-0405 for assistance with remediation

Evidence notes

CISA ICS advisory ICSA-24-144-01 documents this vulnerability in AutomationDirect Productivity PLCs. The vulnerability specifically exists in the Programming Software Connection IMM 01A1 Memory Read functionality. Affected products include Productivity 3000 P3-550E/P3-550/P3-530 CPUs, Productivity 2000 P2-550 CPU, and Productivity 1000 P1-550/P1-540 CPUs with specific firmware and software versions. The vulnerability is exploitable via unauthenticated network packets, enabling information disclosure without any required privileges or user interaction.
