// For flags

CVE-2020-6998

Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers Improper Input Validation

Severity Score

8.6
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP packet requests to a controller, which may cause denial-of-service conditions in communications with other products.

El algoritmo de establecimiento de conexión encontrado en Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versiones 33 y anteriores, no administra suficientemente su flujo de control durante la ejecución, creando un bucle infinito. Esto puede permitir a un atacante enviar peticiones de paquetes CIP especialmente diseñados a un controlador, lo que puede causar condiciones de denegación de servicio en las comunicaciones con otros productos

*Credits: Yeop Chang reported this vulnerability to CISA.
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
Low
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-01-14 CVE Reserved
  • 2022-07-27 CVE Published
  • 2024-02-17 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Rockwellautomation
Search vendor "Rockwellautomation"
Armor Compact Guardlogix 5370 Firmware
Search vendor "Rockwellautomation" for product "Armor Compact Guardlogix 5370 Firmware"
<= 33
Search vendor "Rockwellautomation" for product "Armor Compact Guardlogix 5370 Firmware" and version " <= 33"
-
Affected
in Rockwellautomation
Search vendor "Rockwellautomation"
Armor Compact Guardlogix 5370
Search vendor "Rockwellautomation" for product "Armor Compact Guardlogix 5370"
--
Safe
Rockwellautomation
Search vendor "Rockwellautomation"
Compact Guardlogix 5370 Firmware
Search vendor "Rockwellautomation" for product "Compact Guardlogix 5370 Firmware"
<= 33
Search vendor "Rockwellautomation" for product "Compact Guardlogix 5370 Firmware" and version " <= 33"
-
Affected
in Rockwellautomation
Search vendor "Rockwellautomation"
Compact Guardlogix 5370
Search vendor "Rockwellautomation" for product "Compact Guardlogix 5370"
--
Safe
Rockwellautomation
Search vendor "Rockwellautomation"
Compactlogix 5370 L1 Firmware
Search vendor "Rockwellautomation" for product "Compactlogix 5370 L1 Firmware"
<= 33
Search vendor "Rockwellautomation" for product "Compactlogix 5370 L1 Firmware" and version " <= 33"
-
Affected
in Rockwellautomation
Search vendor "Rockwellautomation"
Compactlogix 5370 L1
Search vendor "Rockwellautomation" for product "Compactlogix 5370 L1"
--
Safe
Rockwellautomation
Search vendor "Rockwellautomation"
Compactlogix 5370 L2 Firmware
Search vendor "Rockwellautomation" for product "Compactlogix 5370 L2 Firmware"
<= 33
Search vendor "Rockwellautomation" for product "Compactlogix 5370 L2 Firmware" and version " <= 33"
-
Affected
in Rockwellautomation
Search vendor "Rockwellautomation"
Compactlogix 5370 L2
Search vendor "Rockwellautomation" for product "Compactlogix 5370 L2"
--
Safe
Rockwellautomation
Search vendor "Rockwellautomation"
Compactlogix 5370 L3 Firmware
Search vendor "Rockwellautomation" for product "Compactlogix 5370 L3 Firmware"
<= 33
Search vendor "Rockwellautomation" for product "Compactlogix 5370 L3 Firmware" and version " <= 33"
-
Affected
in Rockwellautomation
Search vendor "Rockwellautomation"
Compactlogix 5370 L3
Search vendor "Rockwellautomation" for product "Compactlogix 5370 L3"
--
Safe
Rockwellautomation
Search vendor "Rockwellautomation"
Controllogix 5570 Firmware
Search vendor "Rockwellautomation" for product "Controllogix 5570 Firmware"
<= 33
Search vendor "Rockwellautomation" for product "Controllogix 5570 Firmware" and version " <= 33"
-
Affected
in Rockwellautomation
Search vendor "Rockwellautomation"
Controllogix 5570
Search vendor "Rockwellautomation" for product "Controllogix 5570"
--
Safe
Rockwellautomation
Search vendor "Rockwellautomation"
Guardlogix 5560 Firmware
Search vendor "Rockwellautomation" for product "Guardlogix 5560 Firmware"
<= 33
Search vendor "Rockwellautomation" for product "Guardlogix 5560 Firmware" and version " <= 33"
-
Affected
in Rockwellautomation
Search vendor "Rockwellautomation"
Guardlogix 5560
Search vendor "Rockwellautomation" for product "Guardlogix 5560"
--
Safe
Rockwellautomation
Search vendor "Rockwellautomation"
Guardlogix 5570 Firmware
Search vendor "Rockwellautomation" for product "Guardlogix 5570 Firmware"
<= 33
Search vendor "Rockwellautomation" for product "Guardlogix 5570 Firmware" and version " <= 33"
-
Affected
in Rockwellautomation
Search vendor "Rockwellautomation"
Guardlogix 5570
Search vendor "Rockwellautomation" for product "Guardlogix 5570"
--
Safe
Rockwellautomation
Search vendor "Rockwellautomation"
Guardlogix 5580 Firmware
Search vendor "Rockwellautomation" for product "Guardlogix 5580 Firmware"
<= 33
Search vendor "Rockwellautomation" for product "Guardlogix 5580 Firmware" and version " <= 33"
-
Affected
in Rockwellautomation
Search vendor "Rockwellautomation"
Guardlogix 5580
Search vendor "Rockwellautomation" for product "Guardlogix 5580"
--
Safe