Threat actors could exploit an already addressed high-severity vulnerability affecting some Rockwell Automation Logix programmable logic controllers, tracked as CVE-2024-6242, to evade the controllers' Trusted Slot functionality, SecurityWeek reports.
Intrusions leveraging the flaw against impacted modules on the 1756 chassis containing the devices' communication processors, controllers, and I/O modules could result in the execution of common industrial protocol commands enabling the alteration of controller user projects and/or device configurations, a report from Claroty revealed. "We found a vulnerability that allowed an attacker to bypass the trusted slot feature, jumping between local backplane slots within a 1756 chassis using CIP routing, traversing the security boundary meant to protect the CPU from untrusted cards. An attacker with this kind of access would be able to send elevated commands such as downloading logic to the PLC CPU even if the attacker is located behind an untrusted network card," said Claroty.
