Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-1797
HistoryJun 02, 2022 - 2:15 p.m.

CVE-2022-1797

2022-06-0214:15:33
CWE-400
[email protected]
web.nvd.nist.gov
37
5
cve-2022-1797
denial of service
industrial protocol
rockwell automation
logix controllers
nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

8.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

JSON

A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online.

Affected configurations

NVD
Node
rockwellautomationcompactlogix_5380_firmwareRange<33.011
AND
rockwellautomationcompactlogix_5380Match-
Node
rockwellautomationcompact_guardlogix_5380_firmwareRange<33.011
AND
rockwellautomationcompact_guardlogix_5380Match-
Node
rockwellautomationcompactlogix_5480_firmwareRange<33.011
AND
rockwellautomationcompactlogix_5480Match-
Node
rockwellautomationcontrollogix_5580_firmwareRange<33.011
AND
rockwellautomationcontrollogix_5580Match-
Node
rockwellautomationguardlogix_5580_firmwareRange<33.011
AND
rockwellautomationguardlogix_5580Match-
Node
rockwellautomationcompactlogix_5370_firmwareRange<34.011
AND
rockwellautomationcompactlogix_5370Match-
Node
rockwellautomationcompact_guardlogix_5370Match-
AND
rockwellautomationcompact_guardlogix_5370_firmwareRange<34.011
Node
rockwellautomationcontrollogix_5570Match-
AND
rockwellautomationcontrollogix_5570_firmwareRange<34.011
Node
rockwellautomationguardlogix_5570Match-
AND
rockwellautomationguardlogix_5570_firmwareRange<34.011

CNA Affected

[
  {
    "product": "CompactLogix 5380 controllers",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "lessThanOrEqual": "32.013",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Compact GuardLogix 5380 controllers",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "lessThanOrEqual": "32.013",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "CompactLogix 5480 controllers",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "lessThanOrEqual": "32.013",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "ControlLogix 5580 controllers",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "lessThanOrEqual": "32.013",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "GuardLogix 5580 controllers",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "lessThanOrEqual": "32.013",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "CompactLogix 5370 controllers",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "lessThanOrEqual": "33.013",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Compact GuardLogix 5370 controllers",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "lessThanOrEqual": "33.013",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "ControlLogix 5570 controllers",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "lessThanOrEqual": "33.013",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "GuardLogix 5570 controllers",
    "vendor": "Rockwell Automation",
    "versions": [
      {
        "status": "affected",
        "version": "33.013"
      }
    ]
  }
]

Social References

More

Related

nvd 1
ics 1
nessus 1
prion 1
cvelist 1
nvd
nvd
CVE-2022-1797
2022-06-02 14:15:33
ics
ics
Rockwell Automation Logix Controllers
2022-05-24 12:00:00
nessus
nessus
Rockwell Automation Logix Controllers Uncontrolled Resource Consumption (CVE-2022-1797)
2022-06-11 00:00:00
prion
prion
Design/Logic Flaw
2022-06-02 14:15:00
cvelist
cvelist
CVE-2022-1797 Rockwell Automation Logix Controllers Uncontrolled Resource Consumption
2022-05-31 19:04:44

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

8.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

JSON
Related for CVE-2022-1797
nvd1ics1nessus1prion1cvelist1