Lucene search
IcscertCVELIST:CVE-2022-1159HistoryApr 01, 2022 - 10:17 p.m.
CVE-2022-1159 Rockwell Automation Studio 5000 Logix Designer Code Injection
2022-04-0122:17:51
CWE-94
icscert
www.cve.org
8
rockwell automation
logix designer
code injection
vulnerable
administrator access
CVSS3
7.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
EPSS
0.001
Percentile
29.2%
Rockwell Automation Studio 5000 Logix Designer (all versions) are vulnerable when an attacker who achieves administrator access on a workstation running Studio 5000 Logix Designer could inject controller code undetectable to a user.
CNA Affected
[
{
"product": "Studio 5000 Logix Designer",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
]Related
ics
ics
Rockwell Automation Studio 5000 Logix Designer
2022-03-31 12:00:00
nessus
nessus
prion
prion
Code injection
2022-04-01 23:15:00
nvd
nvd
CVE-2022-1159
2022-04-01 23:15:12
cve
cve
CVE-2022-1159
2022-04-01 23:15:12
thn
thn
CVSS3
7.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
EPSS
0.001
Percentile
29.2%
Related for CVELIST:CVE-2022-1159