Severity:
High
Advisory ID:
PN1613
Data pubblicazione:
January 25, 2023
Ultimo aggiornamento:
January 25, 2023
Revision Number:
1.2
Known Exploited Vulnerability (KEV):
No
Corrected:
No
Workaround:
No
CVE IDs
CVE-2022-3157
Riepilogo
Product Notice 1613: Logix Controllers Vulnerable to a Denial-of-Service Vulnerability
Revision History
Revision Number
1.2
Revision History
Version 1.0 – December 15, 2022
Version 1.1 – January 17, 2022 – Updated risk mitigation section
Version 1.2 – January 25, 2023 – Updated risk mitigation section
Version 1.1 – January 17, 2022 – Updated risk mitigation section
Version 1.2 – January 25, 2023 – Updated risk mitigation section
Executive Summary
Rockwell Automation was made aware of a denial-of-service vulnerability that impacts several versions of our GuardLogix® and ControlLogix® controllers. Exploitation of this vulnerability could potentially lead to degradation in availability of the controller and/or a possible major non-recoverable fault (MNRF).
Customers using affected software versions are encouraged to evaluate the mitigations and apply them where appropriate. Additional details relating to the discovered vulnerability, including the products in scope, impact, and recommended countermeasures, are provided. We have not received any notice of this vulnerability being exploited in Rockwell Automation products.
Customers using affected software versions are encouraged to evaluate the mitigations and apply them where appropriate. Additional details relating to the discovered vulnerability, including the products in scope, impact, and recommended countermeasures, are provided. We have not received any notice of this vulnerability being exploited in Rockwell Automation products.
Affected Products
- CompactLogix™ 5370
- Compact GuardLogix 5370
- ControlLogix 5570
- ControlLogix 5570 redundancy
- GuardLogix 5570
Vulnerability Details
CVE-2022-3157 Controllers vulnerable to Denial-of-Service Condition
A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP™ request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS).
A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP™ request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS).
CVSS Base Score: 8.6/10 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Risk Mitigation & User Action
This vulnerability has been addressed in newer versions of the products. Customers are also directed towards the risk mitigations and are encouraged, when possible, to combine these with QA43240 - Recommended Security Guidelines from Rockwell Automation to employ multiple strategies simultaneously.
Products Affected | First Known Version Affected | Corrected In |
CompactLogix 5370 ControlLogix 5570 GuardLogix 5570 | 20.011 |
|
Compact GuardLogix 5370 | 28.011 |
|
ControlLogix 5570 Redundancy | 20.054 |
|
Reference
Copyright ©2022 Rockwell Automation, Inc.