Lucene search

PRIOn knowledge basePRION:CVE-2022-2004

HistoryAug 31, 2022 - 4:15 p.m.

Design/Logic Flaw

2022-08-3116:15:00

PRIOn knowledge base

www.prio-n.com

directlogic

plc

vulnerability

denial-of-service

automationdirect

d0-06 series cpus

d0-06dd1

d0-06dd2

d0-06dr

d0-06da

d0-06ar

d0-06aa

d0-06dd1-d

d0-06dd2-d

d0-06dr-d

nvd

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.1%

JSON

AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;

CPENameOperatorVersion
d0-06aa_firmwarelt2.72
d0-06ar_firmwarelt2.72
d0-06da_firmwarelt2.72
d0-06dd1-d_firmwarelt2.72
d0-06dd1_firmwarelt2.72
d0-06dd2-d_firmwarelt2.72
d0-06dd2_firmwarelt2.72
d0-06dr-d_firmwarelt2.72
d0-06dr_firmwarelt2.72

Name	Operator	Version
d0-06aa_firmware	lt	2.72
d0-06ar_firmware	lt	2.72
d0-06da_firmware	lt	2.72
d0-06dd1-d_firmware	lt	2.72
d0-06dd1_firmware	lt	2.72
d0-06dd2-d_firmware	lt	2.72
d0-06dd2_firmware	lt	2.72
d0-06dr-d_firmware	lt	2.72
d0-06dr_firmware	lt	2.72

References

www.cisa.gov/uscert/ics/advisories/icsa-22-167-03