CVE-2020-6998
Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers Improper Input Validation
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP packet requests to a controller, which may cause denial-of-service conditions in communications with other products.
El algoritmo de establecimiento de conexión encontrado en Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versiones 33 y anteriores, no administra suficientemente su flujo de control durante la ejecución, creando un bucle infinito. Esto puede permitir a un atacante enviar peticiones de paquetes CIP especialmente diseñados a un controlador, lo que puede causar condiciones de denegación de servicio en las comunicaciones con otros productos
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-01-14 CVE Reserved
- 2022-07-27 CVE Published
- 2024-02-17 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (1)
URL | Tag | Source |
---|---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-21-061-02 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Rockwellautomation Search vendor "Rockwellautomation" | Armor Compact Guardlogix 5370 Firmware Search vendor "Rockwellautomation" for product "Armor Compact Guardlogix 5370 Firmware" | <= 33 Search vendor "Rockwellautomation" for product "Armor Compact Guardlogix 5370 Firmware" and version " <= 33" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Armor Compact Guardlogix 5370 Search vendor "Rockwellautomation" for product "Armor Compact Guardlogix 5370" | - | - |
Safe
|
Rockwellautomation Search vendor "Rockwellautomation" | Compact Guardlogix 5370 Firmware Search vendor "Rockwellautomation" for product "Compact Guardlogix 5370 Firmware" | <= 33 Search vendor "Rockwellautomation" for product "Compact Guardlogix 5370 Firmware" and version " <= 33" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Compact Guardlogix 5370 Search vendor "Rockwellautomation" for product "Compact Guardlogix 5370" | - | - |
Safe
|
Rockwellautomation Search vendor "Rockwellautomation" | Compactlogix 5370 L1 Firmware Search vendor "Rockwellautomation" for product "Compactlogix 5370 L1 Firmware" | <= 33 Search vendor "Rockwellautomation" for product "Compactlogix 5370 L1 Firmware" and version " <= 33" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Compactlogix 5370 L1 Search vendor "Rockwellautomation" for product "Compactlogix 5370 L1" | - | - |
Safe
|
Rockwellautomation Search vendor "Rockwellautomation" | Compactlogix 5370 L2 Firmware Search vendor "Rockwellautomation" for product "Compactlogix 5370 L2 Firmware" | <= 33 Search vendor "Rockwellautomation" for product "Compactlogix 5370 L2 Firmware" and version " <= 33" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Compactlogix 5370 L2 Search vendor "Rockwellautomation" for product "Compactlogix 5370 L2" | - | - |
Safe
|
Rockwellautomation Search vendor "Rockwellautomation" | Compactlogix 5370 L3 Firmware Search vendor "Rockwellautomation" for product "Compactlogix 5370 L3 Firmware" | <= 33 Search vendor "Rockwellautomation" for product "Compactlogix 5370 L3 Firmware" and version " <= 33" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Compactlogix 5370 L3 Search vendor "Rockwellautomation" for product "Compactlogix 5370 L3" | - | - |
Safe
|
Rockwellautomation Search vendor "Rockwellautomation" | Controllogix 5570 Firmware Search vendor "Rockwellautomation" for product "Controllogix 5570 Firmware" | <= 33 Search vendor "Rockwellautomation" for product "Controllogix 5570 Firmware" and version " <= 33" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Controllogix 5570 Search vendor "Rockwellautomation" for product "Controllogix 5570" | - | - |
Safe
|
Rockwellautomation Search vendor "Rockwellautomation" | Guardlogix 5560 Firmware Search vendor "Rockwellautomation" for product "Guardlogix 5560 Firmware" | <= 33 Search vendor "Rockwellautomation" for product "Guardlogix 5560 Firmware" and version " <= 33" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Guardlogix 5560 Search vendor "Rockwellautomation" for product "Guardlogix 5560" | - | - |
Safe
|
Rockwellautomation Search vendor "Rockwellautomation" | Guardlogix 5570 Firmware Search vendor "Rockwellautomation" for product "Guardlogix 5570 Firmware" | <= 33 Search vendor "Rockwellautomation" for product "Guardlogix 5570 Firmware" and version " <= 33" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Guardlogix 5570 Search vendor "Rockwellautomation" for product "Guardlogix 5570" | - | - |
Safe
|
Rockwellautomation Search vendor "Rockwellautomation" | Guardlogix 5580 Firmware Search vendor "Rockwellautomation" for product "Guardlogix 5580 Firmware" | <= 33 Search vendor "Rockwellautomation" for product "Guardlogix 5580 Firmware" and version " <= 33" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Guardlogix 5580 Search vendor "Rockwellautomation" for product "Guardlogix 5580" | - | - |
Safe
|