6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
7.4 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.2%
The version of Rockwell Studio 5000 Logix Designer installed on the remote Windows host is prior to V34. It is, therefore, affected by a vulnerability.
This plugin requires paranoia because it cannot test for all mitigations.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(198230);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/03");
script_cve_id("CVE-2022-1159");
script_xref(name:"ICSA", value:"22-090-07");
script_xref(name:"IAVB", value:"2024-B-0067");
script_name(english:"Rockwell Studio 5000 Logix Designer < V34 Code Hiding");
script_set_attribute(attribute:"synopsis", value:
"An application installed on the remote Windows host is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of Rockwell Studio 5000 Logix Designer installed on the remote Windows host is prior to V34. It is, therefore, affected by a
vulnerability.
- An attacker who achieves administrator access on a workstation running
Studio 5000 Logix Designer could inject controller code undetectable to a
user. (CVE-2022-1159)
This plugin requires paranoia because it cannot test for all mitigations.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-22-090-07");
# https://claroty.com/team82/research/hiding-code-on-rockwell-automation-plcs
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7c944bfe");
script_set_attribute(attribute:"solution", value:
"Upgrade to Rockwell Studio 5000 Logix Designer to V34 or later and refer to vendor advisory for additional
mitigations. Note that upgrading does not directly address the issue, but Rockwell notes additional steps
you can take to mitigate the issue, including upgrading the controller firmware and utilizing compare tools
to ensure the integrity of your programs.");
script_set_attribute(attribute:"agent", value:"windows");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-1159");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/03/31");
script_set_attribute(attribute:"patch_publication_date", value:"2022/03/31");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/05/31");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:rockwellautomation:studio_5000_logix_designer");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SCADA");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("rockwell_studio_5000_logix_designer_win_installed.nbin");
script_require_keys("installed_sw/Rockwell Studio 5000 Logix Designer");
exit(0);
}
include('vcf.inc');
var app_info = vcf::get_app_info(app:'Rockwell Studio 5000 Logix Designer', win_local:TRUE);
var constraints = [
{'fixed_version' : '34.0', 'fixed_display': 'V34' }
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING, require_paranoia:TRUE);
Vendor | Product | Version | CPE |
---|---|---|---|
rockwellautomation | studio_5000_logix_designer | cpe:/a:rockwellautomation:studio_5000_logix_designer |
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
7.4 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.2%