CVE-2022-3752
Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic
loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload
the user project file to bring the device back online and continue normal operation.
Un usuario no autorizado podría utilizar una secuencia especialmente manipulada de mensajes Ethernet/IP, combinada con una gran carga de tráfico, para provocar una condición de Denegación de Servicio (DoS) en los controladores Logix de Rockwell Automation, lo que provocaría una falla importante no recuperable. Si el dispositivo de destino deja de estar disponible, el usuario tendría que borrar la falla y volver a descargar el archivo de proyecto del usuario para volver a poner el dispositivo en línea y continuar con el funcionamiento normal.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-10-28 CVE Reserved
- 2022-12-19 CVE Published
- 2024-07-11 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
- CAPEC-594: Traffic Injection
References (0)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Rockwellautomation Search vendor "Rockwellautomation" | Compactlogix 5480 Firmware Search vendor "Rockwellautomation" for product "Compactlogix 5480 Firmware" | >= 32.011 Search vendor "Rockwellautomation" for product "Compactlogix 5480 Firmware" and version " >= 32.011" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Compactlogix 5480 Search vendor "Rockwellautomation" for product "Compactlogix 5480" | - | - |
Safe
|
| Rockwellautomation Search vendor "Rockwellautomation" | Compactlogix 5580 Firmware Search vendor "Rockwellautomation" for product "Compactlogix 5580 Firmware" | >= 31.011 Search vendor "Rockwellautomation" for product "Compactlogix 5580 Firmware" and version " >= 31.011" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Compactlogix 5580 Search vendor "Rockwellautomation" for product "Compactlogix 5580" | - | - |
Safe
|
| Rockwellautomation Search vendor "Rockwellautomation" | Guardlogix 5580 Firmware Search vendor "Rockwellautomation" for product "Guardlogix 5580 Firmware" | >= 32.011 Search vendor "Rockwellautomation" for product "Guardlogix 5580 Firmware" and version " >= 32.011" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Guardlogix 5580 Search vendor "Rockwellautomation" for product "Guardlogix 5580" | - | - |
Safe
|
| Rockwellautomation Search vendor "Rockwellautomation" | Compact Guardlogix 5380 Firmware Search vendor "Rockwellautomation" for product "Compact Guardlogix 5380 Firmware" | >= 31.011 Search vendor "Rockwellautomation" for product "Compact Guardlogix 5380 Firmware" and version " >= 31.011" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Compact Guardlogix 5380 Search vendor "Rockwellautomation" for product "Compact Guardlogix 5380" | - | - |
Safe
|
| Rockwellautomation Search vendor "Rockwellautomation" | Compactlogix 5380 Firmware Search vendor "Rockwellautomation" for product "Compactlogix 5380 Firmware" | >= 31.011 Search vendor "Rockwellautomation" for product "Compactlogix 5380 Firmware" and version " >= 31.011" | - |
Affected
| in | Rockwellautomation Search vendor "Rockwellautomation" | Compactlogix 5380 Search vendor "Rockwellautomation" for product "Compactlogix 5380" | - | - |
Safe
|