Severity:
Medium
Advisory ID:
PN1597
Published Date:
July 07, 2022
Last Updated:
July 07, 2022
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
CVE IDs
CVE-2022-2179
Summary
MicroLogix 1400/1100 Vulnerable to Clickjacking Vulnerability
Revision History
Revision History
Version 1.0 – July 7, 2022
Executive Summary
Rockwell Automation received a vulnerability report from Pawan V. Sable and Pranita Sadgir, and Dr. Faruk Kazi of COE-CNDS from Veermata Jijabai Technological Institute (VJTI) India. If exploited, this vulnerability could potentially have a high impact on the confidentiality of the targeted device.
Customers using affected versions of this software are encouraged to evaluate the mitigations provided below and apply them where appropriate. Additional details relating to the discovered vulnerability, including the products in scope, impact, and recommended countermeasures, are provided herein. We have not received any notice of this vulnerability being exploited in Rockwell Automation products.
Customers using affected versions of this software are encouraged to evaluate the mitigations provided below and apply them where appropriate. Additional details relating to the discovered vulnerability, including the products in scope, impact, and recommended countermeasures, are provided herein. We have not received any notice of this vulnerability being exploited in Rockwell Automation products.
Affected Products
- MicroLogix™ 1400 v. 21.007 and below
- MicroLogix™ 1100 all versions
Vulnerability Details
Rockwell Automation was made aware that the X-Frame-Options header is not configured in the HTTP response and allows potential clickjacking attacks. Exploitation of this vulnerability could potentially allow a malicious user to trick a legitimate user into using an untrusted website. If exploited, this vulnerability could lead to a loss of sensitive information, such as authentication credentials.
(CVE 2022 - 2179) MicroLogix Controllers Vulnerable to Clickjacking Attack
CVSS Base Score: 6.5 /10 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
(CVE 2022 - 2179) MicroLogix Controllers Vulnerable to Clickjacking Attack
CVSS Base Score: 6.5 /10 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Risk Mitigation & User Action
Customers using the affected software are encouraged to implement the risk mitigations below to minimize the risk of vulnerability. Additionally, we encourage customers to combine the risk mitigations with security best practices, also provided below, to deploy a defense-in-depth strategy.
- Disable the web server, if possible (This component is an optional feature and disabling it will not disrupt the intended use of the device)
- Configure firewalls to disallow network communication through HTTP/Port 80
References
Copyright ©2022 Rockwell Automation, Inc.