Main Vulnerability Database SB2022040105

SB2022040105 - Remote code execution in Rockwell Automation Logix Controllers

Published: April 1, 2022

Security Bulletin ID SB2022040105

Severity

High

Patch available

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Inclusion of Functionality from Untrusted Control Sphere (CVE-ID: CVE-2022-1161)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to inclusion of functionality from untrusted control sphere. A remote attacker with the ability to modify a user program can change user program code on some control systems and execute arbitrary code on the target system.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://ics-cert.us-cert.gov/advisories/icsa-22-090-05

Vulnerable Software

1768 CompactLogix: All versions
1769 CompactLogix: All versions
CompactLogix 5370: All versions
CompactLogix 5380: All versions
CompactLogix 5480: All versions
Compact GuardLogix 5370: All versions
Compact GuardLogix 5380: All versions
ControlLogix 5550: All versions
ControlLogix 5560: All versions
ControlLogix 5570: All versions
ControlLogix 5580: All versions
GuardLogix 5560: All versions
GuardLogix 5570: All versions
GuardLogix 5580: All versions
FlexLogix 1794-L34: All versions
DriveLogix 5730: All versions
SoftLogix 5800: All versions