Lucene search

[email protected]NVD:CVE-2022-3752

HistoryDec 19, 2022 - 11:15 p.m.

CVE-2022-3752

2022-12-1923:15:10

CWE-20

[email protected]

web.nvd.nist.gov

unauthorized access

denial of service

rockwell automation

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

26.4%

JSON

An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic
loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload
the user project file to bring the device back online and continue normal operation.

Affected configurations

Nvd

Node

rockwellautomationcompactlogix_5480Match-

AND

rockwellautomationcompactlogix_5480_firmwareRange32.011≥

Node

rockwellautomationcompactlogix_5580Match-

AND

rockwellautomationcompactlogix_5580_firmwareRange31.011≥

Node

rockwellautomationguardlogix_5580Match-

AND

rockwellautomationguardlogix_5580_firmwareRange32.011≥

Node

rockwellautomationcompact_guardlogix_5380Match-

AND

rockwellautomationcompact_guardlogix_5380_firmwareRange31.011≥

Node

rockwellautomationcompactlogix_5380Match-

AND

rockwellautomationcompactlogix_5380_firmwareRange31.011≥

VendorProductVersionCPE
rockwellautomationcompactlogix_5480-cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*
rockwellautomationcompactlogix_5480_firmware*cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*
rockwellautomationcompactlogix_5580-cpe:2.3:h:rockwellautomation:compactlogix_5580:-:*:*:*:*:*:*:*
rockwellautomationcompactlogix_5580_firmware*cpe:2.3:o:rockwellautomation:compactlogix_5580_firmware:*:*:*:*:*:*:*:*
rockwellautomationguardlogix_5580-cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*
rockwellautomationguardlogix_5580_firmware*cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*
rockwellautomationcompact_guardlogix_5380-cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-:*:*:*:*:*:*:*
rockwellautomationcompact_guardlogix_5380_firmware*cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:*:*:*:*:*:*:*:*
rockwellautomationcompactlogix_5380-cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*
rockwellautomationcompactlogix_5380_firmware*cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
rockwellautomation	compactlogix_5480	-	cpe:2.3:h:rockwellautomation:compactlogix_5480:-:::::::*
rockwellautomation	compactlogix_5480_firmware	*	cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware::::::::
rockwellautomation	compactlogix_5580	-	cpe:2.3:h:rockwellautomation:compactlogix_5580:-:::::::*
rockwellautomation	compactlogix_5580_firmware	*	cpe:2.3:o:rockwellautomation:compactlogix_5580_firmware::::::::
rockwellautomation	guardlogix_5580	-	cpe:2.3:h:rockwellautomation:guardlogix_5580:-:::::::*
rockwellautomation	guardlogix_5580_firmware	*	cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware::::::::
rockwellautomation	compact_guardlogix_5380	-	cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-:::::::*
rockwellautomation	compact_guardlogix_5380_firmware	*	cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware::::::::
rockwellautomation	compactlogix_5380	-	cpe:2.3:h:rockwellautomation:compactlogix_5380:-:::::::*
rockwellautomation	compactlogix_5380_firmware	*	cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware::::::::