CVSS: 10.0EPSS: 0%CPEs: 48EXPL: 0CVE-2022-1161 – ICSA-22-090-05 Rockwell Automation Logix Controllers
https://notcve.org/view.php?id=CVE-2022-1161
An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other. Un atacante con la capacidad de modificar un programa de usuario puede cambiar el código del programa de usuario en algunos sistemas ControlLogix, CompactLogix y GuardLogix Control. Studio 5000 Logix Designer escribe el código del programa legible por el usuario en una ubicación distinta a la del código compilado ejecutado, permitiendo a un atacante cambiar uno y no el otro • https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-05 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 9.8EPSS: 0%CPEs: 20EXPL: 0CVE-2021-22681
https://notcve.org/view.php?id=CVE-2021-22681
Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer versiones 21 y posteriores, y RSLogix 5000 versiones 16 hasta 20, usan una clave para verificar que los controladores Logix se estén comunicando con Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer versiones 21 y posteriores y RSLogix 5000: Versiones 16 hasta 20, son vulnerables porque un atacante no autenticado podría pasar por alto este mecanismo de comprobación y autenticarse con Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550 , 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800 • https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03 • CWE-522: Insufficiently Protected Credentials •
CVSS: 10.0EPSS: 0%CPEs: 101EXPL: 0CVE-2016-9343
https://notcve.org/view.php?id=CVE-2016-9343
An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service. Ha sido descubierto un problema en Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 a 21.00 (excluyendo todas las versiones de firmware anteriores a FRN 16.00, que no se ven afectadas). Al enviar un paquete de protocolo industrial común (CIP) malformado, un atacante puede realizar un desbordamiento de búfer basado en pila y ejecutar código en el controlador o iniciar un fallo irrecuperable que da como resultado una denegación de servicio. • http://www.securityfocus.com/bid/95304 https://ics-cert.us-cert.gov/advisories/ICSA-16-343-05 • CWE-787: Out-of-bounds Write •
CVSS: 8.5EPSS: 0%CPEs: 18EXPL: 0CVE-2012-6439
https://notcve.org/view.php?id=CVE-2012-6439
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allow remote attackers to cause a denial of service (control and communication outage) via a CIP message that modifies the (1) configuration or (2) network parameters. Rockwell Automation EtherNet/IP; productos 1756-ENBT, 1756-EWEB, 1768-ENBT y módulos de comunicación 1768-EWEB; CompactLogix L32E y L35E, 1788-ENBT adaptador FlexLogix ; AENTR 1794-FLEX I/O EtherNet/IP del adaptador; ControlLogix v18 y anteriores; CompactLogix 18 y anteriores; GuardLogix v18 y anteriores; SoftLogix v18 y anteriores; controladores CompactLogix v19 y anteriores; controladores SoftLogix v19 y anteriores; controladores ControlLogix v20 y anteriores, los controladores GuardLogix v20 y anteriores, y MicroLogix 1100 y 1400 permiten a atacantes remotos causar una denegación de servicio (control y corte de la comunicación) a través de un mensaje CIP que modifica la configuración (1) o (2) los parámetros de red. • http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf •
CVSS: 7.8EPSS: 93%CPEs: 18EXPL: 0CVE-2012-6438
https://notcve.org/view.php?id=CVE-2012-6438
Buffer overflow in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and earlier; SoftLogix 18 and earlier; CompactLogix controllers 19 and earlier; SoftLogix controllers 19 and earlier; ControlLogix controllers 20 and earlier; GuardLogix controllers 20 and earlier; and MicroLogix 1100 and 1400 allows remote attackers to cause a denial of service (NIC crash and communication outage) via a malformed CIP packet. Desbordamiento de búfer en Rockwell Automation EtherNet/IP; productos 1756-ENBT, 1756-EWEB, 1768-ENBT y módulos de comunicación 1768-EWEB; CompactLogix L32E y L35E, 1788-ENBT adaptador FlexLogix; AENTR 1794-FLEX adaptador I/O EtherNet/IP; ControlLogix v18 y anteriores; CompactLogix v18 y anteriores; GuardLogix v18 y anteriores; SoftLogix v18 y anteriores; controladores CompactLogix v19 y anteriores; controladores SoftLogix v19 y anteriores; controladores ControlLogix v20 y anteriores, los controladores GuardLogix v20 y anteriores, y MicroLogix 1100 y 1400, permite a atacantes remotos provocar una denegación de servicio (caída NIC y corte de la comunicación) a través de un paquete mal formado CIP. • http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-03.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •