CVE-2022-46670 – Rockwell Automation MicroLogix 1100 & 1400 Vulnerable to Cross-Site Scripting Attack
https://notcve.org/view.php?id=CVE-2022-46670
Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an unauthenticated stored cross-site scripting vulnerability in the embedded webserver. The payload is transferred to the controller over SNMP and is rendered on the homepage of the embedded website. Un investigador de seguridad del Instituto de Tecnología de Georgia informó a Rockwell Automation de una vulnerabilidad que indica que los controladores MicroLogix 1100 y 1400 contienen una vulnerabilidad que puede brindarle a un atacante la capacidad de realizar la ejecución remota de código. La vulnerabilidad es de Cross-Site Scripting almacenado, no autenticada en el servidor web integrado. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137679 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-17924
https://notcve.org/view.php?id=CVE-2018-17924
Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. When the affected device accepts this new IP configuration, a loss of communication occurs between the device and the rest of the system as the system traffic is still attempting to communicate with the device via the overwritten IP address. Rockwell Automation MicroLogix 1400 Controllers y 1756 ControlLogix Communications Modules. Un actor de amenaza remoto no autenticado podría enviar una petición de conexión CIP a un dispositivo afectado y, tras conectarse exitosamente, enviar una nueva configuración IP al dispositivo afectado incluso aunque el controlador en el sistema esté configurado en modo Hard RUN. Cuando el dispositivo afectado acepta esta nueva configuración IP, ocurre una pérdida de comunicación entre el dispositivo y el resto del sistema, ya que el tráfico del sistema sigue intentando comunicarse con el dispositivo mediante la dirección IP sobrescrita. • https://github.com/g0dd0ghd/CVE-2018-17924-PoC http://www.securityfocus.com/bid/106132 https://ics-cert.us-cert.gov/advisories/ICSA-18-310-02 • CWE-306: Missing Authentication for Critical Function •