CVE-2022-3166

MicroLogix 1100 & 1400 Product Web Server Application Vulnerable to Denial-Of-Service Condition Attack

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability could be exploited by an attacker with network access to the affected systems by sending TCP packets to webserver and closing it abruptly which would cause a denial-of-service condition for the web server application on the device

Se informó a Rockwell Automation que los servidores web de los controladores Micrologix 1100 y 1400 contienen una vulnerabilidad que puede provocar una condición de Denegación de Servicio (DoS). La vulnerabilidad de seguridad podría ser explotada por un atacante con acceso a la red de los sistemas afectados enviando paquetes TCP al servidor web y cerrándolo abruptamente, lo que causaría una condición de Denegación de Servicio (DoS) para la aplicación del servidor web en el dispositivo.

*Credits: Parul Sindhwad and Dr. Faruk Kazi of CoE-CNDS Lab, VJTI, Mumbai, India reported this vulnerability to Rockwell Automation

CVSS Scores

NISTv3.1 7.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-09-08 CVE Reserved
2022-12-16 CVE Published
2024-07-08 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel

CAPEC

CAPEC-176: Configuration/Environment Manipulation

References (0)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Rockwellautomation Search vendor "Rockwellautomation"	Micrologix 1100 Firmware Search vendor "Rockwellautomation" for product "Micrologix 1100 Firmware"	-	-	Affected	in	Rockwellautomation Search vendor "Rockwellautomation"	Micrologix 1100 Search vendor "Rockwellautomation" for product "Micrologix 1100"	-	-	Safe
Rockwellautomation Search vendor "Rockwellautomation"	Micrologix 1400 Firmware Search vendor "Rockwellautomation" for product "Micrologix 1400 Firmware"	-	-	Affected	in	Rockwellautomation Search vendor "Rockwellautomation"	Micrologix 1400 Search vendor "Rockwellautomation" for product "Micrologix 1400"	-	-	Safe