PatchSiren cyber security CVE debrief
CVE-2024-24957 AutomationDirect CVE debrief
A null-byte write vulnerability in the Programming Software Connection FileSystem API of AutomationDirect Productivity PLCs allows remote attackers to cause heap-based memory corruption via specially crafted network packets. The vulnerability affects multiple Productivity series CPUs across firmware and software versions, with a CVSS 3.1 score of 8.2 (HIGH severity). The issue was disclosed by CISA on May 23, 2024, with vendor-provided patches and mitigations available.
- Vendor: AutomationDirect
- Product: Productivity 3000 P3-550E CPU
- CVSS: HIGH 8.2
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-05-23
- Original CVE updated: 2024-05-23
- Advisory published: 2024-05-23
- Advisory updated: 2024-05-23
Who should care
Industrial control system operators, OT security teams, manufacturing security engineers, automation engineers, and critical infrastructure defenders using AutomationDirect Productivity series PLCs should prioritize assessment and patching.
Technical summary
The vulnerability exists in the Programming Software Connection FileSystem API functionality of AutomationDirect Productivity PLCs. Specially crafted network packets can trigger a null-byte write condition leading to heap-based memory corruption. The attack requires no authentication and can be executed remotely over the network. Successful exploitation impacts availability (HIGH) and integrity (LOW) of the affected control system. The vulnerability affects 12 product configurations across six CPU models in the Productivity 1000, 2000, and 3000 series with specific firmware and software versions.
Defensive priority
HIGH
Recommended defensive actions
- Update Productivity Suite programming software to version 4.2.0.x or higher
- Update Productivity PLC firmware to the latest available version
- Physically disconnect affected PLCs from external networks including internet and LANs if patching is not immediately feasible
- Implement network segmentation to isolate PLCs from other organizational systems
- Configure firewall rules or network access control (NAC) policies to restrict traffic to affected PLCs
- Conduct thorough network security analysis to determine appropriate security level for automation control systems
- Review AutomationDirect security considerations documentation for additional hardening guidance
Evidence notes
CISA ICS advisory ICSA-24-144-01 documents this vulnerability in AutomationDirect Productivity PLCs. The null-byte write occurs in the Programming Software Connection FileSystem API functionality. Affected products include Productivity 3000 (P3-550E, P3-550, P3-530), Productivity 2000 (P2-550), and Productivity 1000 (P1-550, P1-540) series CPUs with specific firmware and software versions. The CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H indicates a network attack vector with no privileges required, resulting in high availability impact and low integrity impact.
Official resources
- CVE-2024-24957 CVE record (CVE.org)
- CVE-2024-24957 NVD detail (NVD)
- Source item URL (cisa_csaf)
2024-05-23