PN1613 | Product Notice 1613: Logix Controllers Vulnerable to a Denial-of-Service Vulnerability

Rockwell Automation was made aware of a denial-of-service vulnerability that impacts several versions of our GuardLogix^® and ControlLogix^® controllers. Exploitation of this vulnerability could potentially lead to degradation in availability of the controller and/or a possible major non-recoverable fault (MNRF).

Customers using affected software versions are encouraged to evaluate the mitigations and apply them where appropriate. Additional details relating to the discovered vulnerability, including the products in scope, impact, and recommended countermeasures, are provided. We have not received any notice of this vulnerability being exploited in Rockwell Automation products.

• CompactLogix™ 5370
• Compact GuardLogix 5370
• ControlLogix 5570
• ControlLogix 5570 redundancy
• GuardLogix 5570

CVE-2022-3157 Controllers vulnerable to Denial-of-Service Condition
A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP™ request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS).

CVSS Base Score:  8.6/10 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

This vulnerability has been addressed in newer versions of the products. Customers are also directed towards the risk mitigations and are encouraged, when possible, to combine these with QA43240 - Recommended Security Guidelines from Rockwell Automation to employ multiple strategies simultaneously.

Products Affected	First Known Version Affected	Corrected In
CompactLogix 5370 ControlLogix 5570 GuardLogix 5570	20.011	33.013 34.011 and later
Compact GuardLogix 5370	28.011	33.013 34.011 and later
ControlLogix 5570 Redundancy	20.054	33.052 34.051 and later

Reference

• CVE-2022-3157