Vulnerabilites related to rockwellautomation - softlogix_5800
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:40
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-05 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-05 | Third Party Advisory, US Government Resource |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_1768-l43_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5902C3FA-4EBC-4F52-A0A6-17530215BBC2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_1768-l43:-:*:*:*:*:*:*:*", matchCriteriaId: "500CCE0E-688A-4077-BE1A-0EA14E09EDC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_1768-l45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72AC0D0-1DE8-4224-A377-7CD91B935A73", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_1768-l45:-:*:*:*:*:*:*:*", matchCriteriaId: "DBC58246-9865-463E-B728-E2C408ACB326", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_1769-l31_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8208B8AB-F0D1-4D83-A659-5A8E54923773", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_1769-l31:-:*:*:*:*:*:*:*", matchCriteriaId: "25C24363-B2E4-4F3A-BB18-7C57A0329141", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_1769-l32c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "333841E4-E187-49F0-A58E-613E7DEC4567", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_1769-l32c:-:*:*:*:*:*:*:*", matchCriteriaId: "1424AA33-EED1-45B4-859A-C2E02EE5B117", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_1769-l32e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3931B5BF-BBF4-456B-ACC6-71FF740812DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_1769-l32e:-:*:*:*:*:*:*:*", matchCriteriaId: "349841AF-C1A1-4C8D-BCF7-8A11FBBBABC3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_1769-l35cr_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C96F688C-228D-4524-A16F-EFB036A149A6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_1769-l35cr:-:*:*:*:*:*:*:*", matchCriteriaId: "4D6FC91A-B6D9-4438-AF29-258ABD198526", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_1769-l35e_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9FA8DFA8-3248-49B1-9A2F-823BAD328E1C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_1769-l35e:-:*:*:*:*:*:*:*", matchCriteriaId: "A9FABB28-BDEE-4C64-BE22-1A594FA612AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_5370_l3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F8781D41-3B6E-4738-B56A-779B33F91583", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_5370_l3:-:*:*:*:*:*:*:*", matchCriteriaId: "52C2F377-6F0D-4752-A4A3-C40604A8575D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_5370_l2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "60F4218A-EB8E-41AB-B6D2-6FA1C5F4DBE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_5370_l2:-:*:*:*:*:*:*:*", matchCriteriaId: "65092726-5567-488C-9E32-DC42D34E111D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_5370_l1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1AA11CE3-CAF7-4236-BBBA-B0720CF9671E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_5370_l1:-:*:*:*:*:*:*:*", matchCriteriaId: "848B3145-24E4-445B-958A-4C3F84C4546C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D6164C08-2D51-4926-8724-DBB6F15AFF8E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*", matchCriteriaId: "EDD040ED-B44C-47D0-B4D4-729C378C4F68", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CB52219D-FA84-436A-9985-CC213FB0CA8E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*", matchCriteriaId: "80F4F5BE-07DF-402A-BF98-34FBA6A11968", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compact_guardlogix_5370_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A99E2DE7-50DA-46D3-AF60-BD38A81FAE55", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compact_guardlogix_5370:-:*:*:*:*:*:*:*", matchCriteriaId: "6F951670-AF4D-4429-8BC1-79BDEF83B2C3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F84096B0-5D14-408A-ACB6-E16B23D01DB5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-:*:*:*:*:*:*:*", matchCriteriaId: "62414E65-73C7-4172-B7BF-F40A66AFBB90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:controllogix_5550_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AC2014EF-C7B4-4BA7-A8A2-63FFECA51F74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:controllogix_5550:-:*:*:*:*:*:*:*", matchCriteriaId: "13EE2216-F25F-44AB-A167-4EEA153C8F8D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:controllogix_5560_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED54702B-BB6F-423A-9B6E-2A009616F779", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:controllogix_5560:-:*:*:*:*:*:*:*", matchCriteriaId: "EA25FF8D-51C5-4928-9B90-E4BD1476F50B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:controllogix_5570_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "02588718-A3D7-4FC5-B336-BFE9C9DD099D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:controllogix_5570:-:*:*:*:*:*:*:*", matchCriteriaId: "482E2CD6-D484-486C-92F4-18432D107E30", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D1B751BB-5C55-46BD-A15D-CCCA9699FC5D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*", matchCriteriaId: "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:guardlogix_5560_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3CC3C22D-9FB4-4492-8907-8396A182D300", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:guardlogix_5560:-:*:*:*:*:*:*:*", matchCriteriaId: "7A42D9BC-9468-479A-873D-52175687FCBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:guardlogix_5570_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "19C8A074-6DAF-45F6-8AE0-D004ECDCF80A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:guardlogix_5570:-:*:*:*:*:*:*:*", matchCriteriaId: "321AE938-192A-4342-8608-ADC81F0B6582", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1829B090-7E73-4712-8235-F4C8D53D229F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*", matchCriteriaId: "006B7683-9FDF-4748-BA28-2EA22613E092", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:flexlogix_1794-l34_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7CA46037-9030-449F-ADEE-B4428E3A0CAF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:flexlogix_1794-l34:-:*:*:*:*:*:*:*", matchCriteriaId: "00F74EB3-FF64-471A-9380-8415516B4683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:drivelogix_5730_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D6D20542-BA18-43AE-9CD7-8DB9F1B069AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:drivelogix_5730:-:*:*:*:*:*:*:*", matchCriteriaId: "03E185C3-17CA-4E3F-863B-9F906C5C59EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:rockwellautomation:softlogix_5800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5EF194E8-E858-43F2-AC60-5AD722973B86", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:softlogix_5800:-:*:*:*:*:*:*:*", matchCriteriaId: "BDAB7B6D-CCAC-460B-8A88-3397A2397078", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other.", }, { lang: "es", value: "Un atacante con la capacidad de modificar un programa de usuario puede cambiar el código del programa de usuario en algunos sistemas ControlLogix, CompactLogix y GuardLogix Control. Studio 5000 Logix Designer escribe el código del programa legible por el usuario en una ubicación distinta a la del código compilado ejecutado, permitiendo a un atacante cambiar uno y no el otro", }, ], id: "CVE-2022-1161", lastModified: "2024-11-21T06:40:09.667", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "ics-cert@hq.dhs.gov", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-11T20:15:18.017", references: [ { source: "ics-cert@hq.dhs.gov", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-05", }, ], sourceIdentifier: "ics-cert@hq.dhs.gov", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-829", }, ], source: "ics-cert@hq.dhs.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-03 18:15
Modified
2024-11-21 05:50
Severity ?
Summary
Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03 | Third Party Advisory, US Government Resource |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:rockwellautomation:factorytalk_services_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "6755FCF6-4A0C-478A-AEFF-54E35C45149D", versionStartIncluding: "2.10", vulnerable: true, }, { criteria: "cpe:2.3:a:rockwellautomation:rslogix_5000:*:*:*:*:*:*:*:*", matchCriteriaId: "04C30129-3F03-4486-B181-EBDE29751372", versionEndIncluding: "20", versionStartIncluding: "16", vulnerable: true, }, { criteria: "cpe:2.3:a:rockwellautomation:studio_5000_logix_designer:*:*:*:*:*:*:*:*", matchCriteriaId: "9C840463-A11F-43A0-AA45-1AC810713AB6", versionStartIncluding: "21.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:rockwellautomation:compact_guardlogix_5370:-:*:*:*:*:*:*:*", matchCriteriaId: "6F951670-AF4D-4429-8BC1-79BDEF83B2C3", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-:*:*:*:*:*:*:*", matchCriteriaId: "62414E65-73C7-4172-B7BF-F40A66AFBB90", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_1768:-:*:*:*:*:*:*:*", matchCriteriaId: "2E5F100A-C8A3-49F2-B1D2-411432472B6B", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_1769:-:*:*:*:*:*:*:*", matchCriteriaId: "F8A690BC-4D7C-4B83-A9F6-F860445028A2", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_5370:-:*:*:*:*:*:*:*", matchCriteriaId: "E12ADAE3-97B1-48BC-BE69-ED75667C1886", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*", matchCriteriaId: "EDD040ED-B44C-47D0-B4D4-729C378C4F68", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*", matchCriteriaId: "80F4F5BE-07DF-402A-BF98-34FBA6A11968", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:controllogix_5550:-:*:*:*:*:*:*:*", matchCriteriaId: "13EE2216-F25F-44AB-A167-4EEA153C8F8D", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:controllogix_5560:-:*:*:*:*:*:*:*", matchCriteriaId: "EA25FF8D-51C5-4928-9B90-E4BD1476F50B", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:controllogix_5570:-:*:*:*:*:*:*:*", matchCriteriaId: "482E2CD6-D484-486C-92F4-18432D107E30", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*", matchCriteriaId: "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:drivelogix_1794-l34:-:*:*:*:*:*:*:*", matchCriteriaId: "4A75A0FD-C337-4264-B1E4-96701851D6FA", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:drivelogix_5560:-:*:*:*:*:*:*:*", matchCriteriaId: "DFDAAA77-6964-44FC-9FFB-ECDF71665965", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:drivelogix_5730:-:*:*:*:*:*:*:*", matchCriteriaId: "03E185C3-17CA-4E3F-863B-9F906C5C59EA", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:guardlogix_5570:-:*:*:*:*:*:*:*", matchCriteriaId: "321AE938-192A-4342-8608-ADC81F0B6582", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*", matchCriteriaId: "006B7683-9FDF-4748-BA28-2EA22613E092", vulnerable: false, }, { criteria: "cpe:2.3:h:rockwellautomation:softlogix_5800:-:*:*:*:*:*:*:*", matchCriteriaId: "BDAB7B6D-CCAC-460B-8A88-3397A2397078", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800.", }, { lang: "es", value: "Rockwell Automation Studio 5000 Logix Designer versiones 21 y posteriores, y RSLogix 5000 versiones 16 hasta 20, usan una clave para verificar que los controladores Logix se estén comunicando con Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer versiones 21 y posteriores y RSLogix 5000: Versiones 16 hasta 20, son vulnerables porque un atacante no autenticado podría pasar por alto este mecanismo de comprobación y autenticarse con Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550 , 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800", }, ], id: "CVE-2021-22681", lastModified: "2024-11-21T05:50:28.110", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-03T18:15:14.643", references: [ { source: "ics-cert@hq.dhs.gov", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03", }, ], sourceIdentifier: "ics-cert@hq.dhs.gov", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-522", }, ], source: "ics-cert@hq.dhs.gov", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-522", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2022-1161
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-09-16 19:30
Severity ?
EPSS score ?
Summary
An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-05 | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:55:24.400Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-05", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "1768 CompactLogix controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "All all", }, ], }, { product: "1769 CompactLogix controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, { product: "CompactLogix 5370 controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, { product: "CompactLogix 5380 controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, { product: "CompactLogix 5480 controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, { product: "Compact GuardLogix 5370 controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, { product: "Compact GuardLogix 5380 controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, { product: "ControlLogix 5550 controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, { product: "ControlLogix 5560 controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, { product: "ControlLogix 5570 controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, { product: "ControlLogix 5580 controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, { product: "GuardLogix 5560 controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, { product: "GuardLogix 5570 controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, { product: "GuardLogix 5580 controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, { product: "FlexLogix 1794-L34 controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, { product: "DriveLogix 5730 controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, { product: "SoftLogix 5800 controllers", vendor: "Rockwell Automation", versions: [ { status: "affected", version: "all", }, ], }, ], credits: [ { lang: "en", value: "Sharon Brizinov and Tal Keren of Claroty reported this vulnerability to CISA.", }, ], datePublic: "2022-03-31T00:00:00", descriptions: [ { lang: "en", value: "An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-829", description: "CWE-829 Inclusion of Functionality from Untrusted Control Sphere", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-11T19:38:14", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-05", }, ], solutions: [ { lang: "en", value: "The following mitigations should be applied for ControlLogix 5560, ControlLogix 5570, ControlLogix 5580 series, GuardLogix 5570, GuardLogix 5580, GuardLogix 5380, CompactLogix, CompactLogix 5380 devices:\n\nRisk Mitigation A:\n\nRecompile and download user program code (i.e., acd).\nPut controller mode switch into Run position.\nIf keeping controller mode switch in Run is impractical, use the following mitigation:\n\nRecompile and download user program code (i.e., acd).\nMonitor controller change log for any unexpected modifications or anomalous activity.\nUtilize the Controller Log feature.\nUtilize Change Detection in the Logix Designer Application.\nIf available, use the functionality in FactoryTalk AssetCenter software to detect changes.\nRisk Mitigation B:\n\nImplement CIP Security to help prevent unauthorized connections when properly deployed. Supported controllers and communications modules include:\n\nControlLogix 5580 processors using on-board EtherNet/IP port.\nGuardLogix 5580 processors using on-board EtherNet/IP port.\nControlLogix 5580 processors operating in High Availability (HA) configurations using 1756-EN4TR\nControlLogix 5560, ControlLogix 5570, ControlLogix 5580, GuardLogix 5570 and GuardLogix 5580 can use a 1756-EN4TR ControlLogix EtherNet/IP module.\nIf using a 1756-EN2T, then replace with a 1756-EN4TR\nCompactLogix 5380 using on-board EtherNet/IP port.\nCompactLogix GuardLogix 5380 using on-board EtherNet/IP port.\nThe following mitigations should be applied for 1768 CompactLogix, 1769 CompactLogix, CompactLogix 5370, and CompactLogix 5480 devices:\n\nRecompile and download user program code (i.e., acd).\nPut controller mode switch into Run position.\nIf keeping controller mode switch in Run is impractical, then use the following mitigation:\n\nRecompile and download user program code (i.e., acd).\nMonitor controller change log for any unexpected modifications or anomalous activity.\nUse the Controller Log feature.\nUse Change Detection in the Logix Designer application.\nIf available, use the functionality in FactoryTalk AssetCenter to detect changes.", }, ], source: { advisory: "ICSA-22-090-05", discovery: "EXTERNAL", }, title: "ICSA-22-090-05 Rockwell Automation Logix Controllers", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "ics-cert@hq.dhs.gov", DATE_PUBLIC: "2022-03-31T17:00:00.000Z", ID: "CVE-2022-1161", STATE: "PUBLIC", TITLE: "ICSA-22-090-05 Rockwell Automation Logix Controllers", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "1768 CompactLogix controllers", version: { version_data: [ { version_affected: "=", version_name: "All", version_value: "all", }, ], }, }, { product_name: "1769 CompactLogix controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, { product_name: "CompactLogix 5370 controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, { product_name: "CompactLogix 5380 controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, { product_name: "CompactLogix 5480 controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, { product_name: "Compact GuardLogix 5370 controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, { product_name: "Compact GuardLogix 5380 controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, { product_name: "ControlLogix 5550 controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, { product_name: "ControlLogix 5560 controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, { product_name: "ControlLogix 5570 controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, { product_name: "ControlLogix 5580 controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, { product_name: "GuardLogix 5560 controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, { product_name: "GuardLogix 5570 controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, { product_name: "GuardLogix 5580 controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, { product_name: "FlexLogix 1794-L34 controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, { product_name: "DriveLogix 5730 controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, { product_name: "SoftLogix 5800 controllers", version: { version_data: [ { version_affected: "=", version_name: "all", version_value: "all", }, ], }, }, ], }, vendor_name: "Rockwell Automation", }, ], }, }, credit: [ { lang: "eng", value: "Sharon Brizinov and Tal Keren of Claroty reported this vulnerability to CISA.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-829 Inclusion of Functionality from Untrusted Control Sphere", }, ], }, ], }, references: { reference_data: [ { name: "https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-05", refsource: "MISC", url: "https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-05", }, ], }, solution: [ { lang: "en", value: "The following mitigations should be applied for ControlLogix 5560, ControlLogix 5570, ControlLogix 5580 series, GuardLogix 5570, GuardLogix 5580, GuardLogix 5380, CompactLogix, CompactLogix 5380 devices:\n\nRisk Mitigation A:\n\nRecompile and download user program code (i.e., acd).\nPut controller mode switch into Run position.\nIf keeping controller mode switch in Run is impractical, use the following mitigation:\n\nRecompile and download user program code (i.e., acd).\nMonitor controller change log for any unexpected modifications or anomalous activity.\nUtilize the Controller Log feature.\nUtilize Change Detection in the Logix Designer Application.\nIf available, use the functionality in FactoryTalk AssetCenter software to detect changes.\nRisk Mitigation B:\n\nImplement CIP Security to help prevent unauthorized connections when properly deployed. Supported controllers and communications modules include:\n\nControlLogix 5580 processors using on-board EtherNet/IP port.\nGuardLogix 5580 processors using on-board EtherNet/IP port.\nControlLogix 5580 processors operating in High Availability (HA) configurations using 1756-EN4TR\nControlLogix 5560, ControlLogix 5570, ControlLogix 5580, GuardLogix 5570 and GuardLogix 5580 can use a 1756-EN4TR ControlLogix EtherNet/IP module.\nIf using a 1756-EN2T, then replace with a 1756-EN4TR\nCompactLogix 5380 using on-board EtherNet/IP port.\nCompactLogix GuardLogix 5380 using on-board EtherNet/IP port.\nThe following mitigations should be applied for 1768 CompactLogix, 1769 CompactLogix, CompactLogix 5370, and CompactLogix 5480 devices:\n\nRecompile and download user program code (i.e., acd).\nPut controller mode switch into Run position.\nIf keeping controller mode switch in Run is impractical, then use the following mitigation:\n\nRecompile and download user program code (i.e., acd).\nMonitor controller change log for any unexpected modifications or anomalous activity.\nUse the Controller Log feature.\nUse Change Detection in the Logix Designer application.\nIf available, use the functionality in FactoryTalk AssetCenter to detect changes.", }, ], source: { advisory: "ICSA-22-090-05", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2022-1161", datePublished: "2022-04-11T19:38:14.725172Z", dateReserved: "2022-03-29T00:00:00", dateUpdated: "2024-09-16T19:30:34.104Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-22681
Vulnerability from cvelistv5
Published
2021-03-03 17:59
Modified
2024-08-03 18:51
Severity ?
EPSS score ?
Summary
Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800.
References
| ▼ | URL | Tags |
|---|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers |
Version: RSLogix 5000 Versions 16 through 20 Version: Studio 5000 Logix Designer: Versions 21 and later Version: CompactLogix 1768, 1769, 5370, 5380, 5480 Version: ControlLogix 5550, 5560, 5570, 5580 Version: DriveLogix 5560, 5730, 1794-L34 Version: Compact GuardLogix 5370, 5380 Version: GuardLogix 5570, 5580 Version: SoftLogix 5800 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T18:51:06.940Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers", vendor: "n/a", versions: [ { status: "affected", version: "RSLogix 5000 Versions 16 through 20", }, { status: "affected", version: "Studio 5000 Logix Designer: Versions 21 and later", }, { status: "affected", version: "CompactLogix 1768, 1769, 5370, 5380, 5480", }, { status: "affected", version: "ControlLogix 5550, 5560, 5570, 5580", }, { status: "affected", version: "DriveLogix 5560, 5730, 1794-L34", }, { status: "affected", version: "Compact GuardLogix 5370, 5380", }, { status: "affected", version: "GuardLogix 5570, 5580", }, { status: "affected", version: "SoftLogix 5800", }, ], }, ], descriptions: [ { lang: "en", value: "Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-522", description: "Insufficiently Protected Credentials CWE-522", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-03T17:59:43", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "ics-cert@hq.dhs.gov", ID: "CVE-2021-22681", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers", version: { version_data: [ { version_value: "RSLogix 5000 Versions 16 through 20", }, { version_value: "Studio 5000 Logix Designer: Versions 21 and later", }, { version_value: "CompactLogix 1768, 1769, 5370, 5380, 5480", }, { version_value: "ControlLogix 5550, 5560, 5570, 5580", }, { version_value: "DriveLogix 5560, 5730, 1794-L34", }, { version_value: "Compact GuardLogix 5370, 5380", }, { version_value: "GuardLogix 5570, 5580", }, { version_value: "SoftLogix 5800", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficiently Protected Credentials CWE-522", }, ], }, ], }, references: { reference_data: [ { name: "https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03", refsource: "MISC", url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2021-22681", datePublished: "2021-03-03T17:59:43", dateReserved: "2021-01-05T00:00:00", dateUpdated: "2024-08-03T18:51:06.940Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }