PatchSiren cyber security CVE debrief
CVE-2024-9124 Rockwell Automation CVE debrief
CVE-2024-9124 is a high-severity denial-of-service vulnerability affecting Rockwell Automation PowerFlex 6000T drives. Published on October 10, 2024, this issue allows an attacker to render the device unavailable by overloading it with requests. Recovery may require a manual power cycle if the device fails to re-establish connectivity after the request flood ceases. The vulnerability carries a CVSS 3.1 score of 7.5 (HIGH), reflecting its network-attack vector, low attack complexity, and no required privileges or user interaction. Affected versions include 8.001, 8.002, and 9.001. Rockwell Automation has released version 10.001 as a corrective update. Organizations unable to upgrade should implement security best practices to reduce exposure.
- Vendor: Rockwell Automation
- Product: PowerFlex 6000T
- CVSS: 7.5 (HIGH)
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-10-10
- Original CVE updated: 2024-10-10
- Advisory published: 2024-10-10
- Advisory updated: 2024-10-10
Who should care
Organizations operating Rockwell Automation PowerFlex 6000T drives in industrial environments, particularly those with network-connected OT infrastructure. Critical infrastructure operators, manufacturing facilities, and utilities relying on these drives for motor control should prioritize assessment and patching.
Technical summary
The PowerFlex 6000T medium voltage drive contains a denial-of-service vulnerability triggered by request flooding. When overwhelmed, the device becomes unresponsive and may require manual intervention (power cycle) to restore operation if automatic recovery fails. The attack requires no authentication and can be conducted remotely over the network.
Defensive priority
HIGH
Recommended defensive actions
- Update PowerFlex 6000T devices to version 10.001 to remediate this vulnerability.
- If immediate patching is not feasible, implement network segmentation to limit exposure of affected drives to untrusted networks.
- Apply ICS security best practices including defense-in-depth strategies to reduce attack surface.
- Monitor for anomalous request patterns that may indicate exploitation attempts.
- Establish operational procedures for manual power cycle recovery in case of device unavailability.
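The monitoring action above is easiest to operationalize as a rate check on whatever connection or flow logs already cover the drive's network segment. The following Python is an added example, not code from PatchSiren, Rockwell Automation or CISA: it parses a constructed, hypothetical log format (timestamp, source, destination), keeps a sliding window of request timestamps per source-to-drive pair and per drive, and raises one alert the first time either count exceeds a threshold. The thresholds, addresses and the 10-second window are assumptions to be tuned against a baseline of normal HMI/SCADA polling at the site; the aggregate check exists so that a flood spread across many sources is still caught.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Hypothetical log line format (constructed for this example): "<ISO-8601 UTC> src=<ip> dst=<ip>"
LINE_RE = re.compile(r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+)$")


def parse_line(line):
    """Return (timestamp, src, dst) for a well-formed line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)
    return ts, m["src"], m["dst"]


def detect_request_floods(lines, window_seconds=10, per_source_threshold=100, per_drive_threshold=150):
    """Sliding-window request counter over time-ordered log lines.

    Raises one alert per key the first time the count inside the window exceeds
    the threshold. Thresholds are assumed values; tune them against a site baseline.
    """
    window = timedelta(seconds=window_seconds)
    per_source = defaultdict(deque)  # (src, dst) -> request timestamps still inside the window
    per_drive = defaultdict(deque)   # dst -> request timestamps from all sources inside the window
    alerted = set()
    alerts = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # skip malformed lines rather than failing the whole run
        ts, src, dst = rec
        checks = (
            ((src, dst), per_source, per_source_threshold, "single-source flood"),
            (dst, per_drive, per_drive_threshold, "aggregate flood"),
        )
        for key, store, threshold, kind in checks:
            q = store[key]
            q.append(ts)
            while q and ts - q[0] > window:  # drop timestamps that fell out of the window
                q.popleft()
            if len(q) > threshold and (kind, key) not in alerted:
                alerted.add((kind, key))
                alerts.append({"kind": kind, "key": key, "at": ts.isoformat(), "count": len(q)})
    return alerts


def _fmt(ts, src, dst):
    return f"{ts.strftime('%Y-%m-%dT%H:%M:%S.%f')[:-3]}Z src={src} dst={dst}"


def constructed_sample_log():
    """Constructed sample traffic (not a real capture): one polling host and one flooding host."""
    base = datetime(2024, 10, 10, 12, 0, 0, tzinfo=timezone.utc)
    drive = "10.0.7.20"      # assumed drive address
    lines = []
    # Legitimate HMI polling: one request per second for 60 seconds.
    for i in range(60):
        lines.append(_fmt(base + timedelta(seconds=i), "10.0.5.2", drive))
    # Flood: 180 requests from a single host packed into about 3 seconds, starting at t=20s.
    for i in range(180):
        lines.append(_fmt(base + timedelta(seconds=20, milliseconds=16 * i), "10.0.5.9", drive))
    lines.sort()  # fixed-width ISO timestamps sort lexically into time order
    return lines


if __name__ == "__main__":
    for alert in detect_request_floods(constructed_sample_log()):
        print(alert)
```

On the constructed sample the polling host never exceeds 11 requests in any 10-second window, so it stays silent, while the flooding host trips the single-source check on its 101st request and then the aggregate check on the drive once the combined count passes 150.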
Evidence notes
Vulnerability details sourced from CISA CSAF advisory ICSA-24-284-19. Affected product versions confirmed as PowerFlex 6000T: 8.001, 8.002, 9.001. Remediation guidance specifies update to version 10.001. CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H confirms network-reachable, unauthenticated denial-of-service condition.
Official resources
- CVE-2024-9124 CVE record (CVE.org)
- CVE-2024-9124 NVD detail (NVD)
- Source item: cisa_csaf (CISA CSAF advisory ICSA-24-284-19)
- Source reference: Reference
2024-10-10