Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-1161
HistoryApr 11, 2022 - 8:15 p.m.

CVE-2022-1161

2022-04-1120:15:18
CWE-829
[email protected]
web.nvd.nist.gov
6
attacker
controllogix
compactlogix
guardlogix

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

41.5%

JSON

An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other.

Affected configurations

Nvd
Node
rockwellautomationcompactlogix_1768-l43Match-
AND
rockwellautomationcompactlogix_1768-l43_firmware
Node
rockwellautomationcompactlogix_1768-l45Match-
AND
rockwellautomationcompactlogix_1768-l45_firmware
Node
rockwellautomationcompactlogix_1769-l31Match-
AND
rockwellautomationcompactlogix_1769-l31_firmware
Node
rockwellautomationcompactlogix_1769-l32cMatch-
AND
rockwellautomationcompactlogix_1769-l32c_firmware
Node
rockwellautomationcompactlogix_1769-l32eMatch-
AND
rockwellautomationcompactlogix_1769-l32e_firmware
Node
rockwellautomationcompactlogix_1769-l35crMatch-
AND
rockwellautomationcompactlogix_1769-l35cr_firmware
Node
rockwellautomationcompactlogix_1769-l35eMatch-
AND
rockwellautomationcompactlogix_1769-l35e_firmware
Node
rockwellautomationcompactlogix_5370_l3Match-
AND
rockwellautomationcompactlogix_5370_l3_firmware
Node
rockwellautomationcompactlogix_5370_l2_firmware
AND
rockwellautomationcompactlogix_5370_l2Match-
Node
rockwellautomationcompactlogix_5370_l1_firmware
AND
rockwellautomationcompactlogix_5370_l1Match-
Node
rockwellautomationcompactlogix_5380_firmware
AND
rockwellautomationcompactlogix_5380Match-
Node
rockwellautomationcompactlogix_5480_firmware
AND
rockwellautomationcompactlogix_5480Match-
Node
rockwellautomationcompact_guardlogix_5370_firmware
AND
rockwellautomationcompact_guardlogix_5370Match-
Node
rockwellautomationcompact_guardlogix_5380_firmware
AND
rockwellautomationcompact_guardlogix_5380Match-
Node
rockwellautomationcontrollogix_5550_firmware
AND
rockwellautomationcontrollogix_5550Match-
Node
rockwellautomationcontrollogix_5560_firmware
AND
rockwellautomationcontrollogix_5560Match-
Node
rockwellautomationcontrollogix_5570_firmware
AND
rockwellautomationcontrollogix_5570Match-
Node
rockwellautomationcontrollogix_5580_firmware
AND
rockwellautomationcontrollogix_5580Match-
Node
rockwellautomationguardlogix_5560_firmware
AND
rockwellautomationguardlogix_5560Match-
Node
rockwellautomationguardlogix_5570_firmware
AND
rockwellautomationguardlogix_5570Match-
Node
rockwellautomationguardlogix_5580_firmware
AND
rockwellautomationguardlogix_5580Match-
Node
rockwellautomationflexlogix_1794-l34_firmware
AND
rockwellautomationflexlogix_1794-l34Match-
Node
rockwellautomationdrivelogix_5730_firmware
AND
rockwellautomationdrivelogix_5730Match-
Node
rockwellautomationsoftlogix_5800_firmware
AND
rockwellautomationsoftlogix_5800Match-

Related

nessus 1
prion 1
cvelist 2
cve 2
ics 1
thn 2
nvd 1
vulnrichment 1
nessus
nessus
Rockwell Automation Logix Controllers Inclusion of Functionality From Untrusted Control Sphere (CVE-2022-1161)
2022-04-28 00:00:00
prion
prion
Code injection
2022-04-11 20:15:00
cvelist
cvelist
CVE-2022-1161 ICSA-22-090-05 Rockwell Automation Logix Controllers
2022-03-31 00:00:00
CVE-2024-6325 Rockwell Automation Unsecured Private Keys in FactoryTalkยฎ System Services
2024-07-16 16:43:44
cve
cve
CVE-2022-1161
2022-04-11 20:15:18
CVE-2024-6325
2024-07-16 17:15:11
ics
ics
Rockwell Automation Logix Controllers
2022-03-31 12:00:00
thn
thn
Critical Bugs in Rockwell PLC Could Allow Hackers to Implant Malicious Code
2022-04-01 12:31:00
Critical Bug in Siemens SIMATIC PLCs Could Let Attackers Steal Cryptographic Keys
2022-10-12 10:41:00
nvd
nvd
CVE-2024-6325
2024-07-16 17:15:11
vulnrichment
vulnrichment
CVE-2024-6325 Rockwell Automation Unsecured Private Keys in FactoryTalkยฎ System Services
2024-07-16 16:43:44

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

41.5%

JSON
Related for NVD:CVE-2022-1161
nessus1prion1cvelist2cve2ics1thn2nvd1vulnrichment1