Severity:
High
Advisory ID:
PN1609
Data pubblicazione:
December 06, 2022
Ultimo aggiornamento:
October 16, 2024
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
No
Corrected:
Sì
Workaround:
No
CVE IDs
CVE-2022-3752
Download
The following link(s) provide the security advisory in Vulnerability Exploitability Exchange format:
Riepilogo
Logix Controllers Vulnerable to Denial-of-Service Attack
Revision History
Revision Number
1.0
Revision History
Version 1.0 – December 6, 2022
Executive Summary
Rockwell Automation discovered a vulnerability within our Logix Controllers. This vulnerability may allow an unauthorized user to cause a denial of service on a targeted device. Customers using affected versions of this firmware are encouraged to evaluate the following mitigations provided and apply them to their deployed products. Additional details relating to the discovered vulnerability, including affected products and recommended countermeasures, are provided in this security advisory.
Affected Products
- CompactLogix 5380 controllers
- Compact GuardLogix® 5380 controllers
- CompactLogix 5480 controllers
- ControlLogix 5580 controllers
- GuardLogix 5580 controllers
Vulnerability Details
CVE-2022-3752 Rockwell Automation Logix Controllers are Vulnerable to a Denial-of-Service Attack
An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online and continue normal operation.
An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online and continue normal operation.
CVSS v3.1 Base Score: 8.6/10[HIGH]
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Risk Mitigation & User Action
Customers using the products in scope are encouraged to evaluate the mitigations provided below and apply the appropriate mitigations to their deployed products.
Products Affected | First Known Version Affected | Corrected In |
CompactLogix 5380 Compact GuardLogix 5380 ControlLogix 5580 GuardLogix 5580 | This vulnerability is present in firmware version 31.011 and later | This issue has been mitigated in the following firmware versions:
|
CompactLogix 5480 | This vulnerability is present in firmware version 32.011 and later |
General Security Guidelines
General security guidelines can be found in QA43240 - Recommended Security Guidelines Article in our Knowledgebase.
Requests for additional information can be sent to the PSIRT Inbox (PSIRT@rockwellautomation.com).
Requests for additional information can be sent to the PSIRT Inbox (PSIRT@rockwellautomation.com).
ADDITIONAL LINKS
Copyright ©2022 Rockwell Automation, Inc.