MEDIUM🇬🇧 English

CVE-2020-6998

CVSS 5.8v3.1pub. 2022-07-27upd. 2025-04-17

The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP packet requests to a controller, which may cause denial-of-service conditions in communications with other products.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
  • Rockwellautomation Armor Compact Guardlogix 5370

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Armor Compact Guardlogix 5370 Firmware

    OS
    Rockwellautomation
    ≤ 33
  • Rockwellautomation Compact Guardlogix 5370

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Compact Guardlogix 5370 Firmware

    OS
    Rockwellautomation
    ≤ 33
  • Rockwellautomation Compactlogix 5370 L1

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Compactlogix 5370 L1 Firmware

    OS
    Rockwellautomation
    ≤ 33
  • Rockwellautomation Compactlogix 5370 L2

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Compactlogix 5370 L2 Firmware

    OS
    Rockwellautomation
    ≤ 33
  • Rockwellautomation Compactlogix 5370 L3

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Compactlogix 5370 L3 Firmware

    OS
    Rockwellautomation
    ≤ 33
  • Rockwellautomation Controllogix 5570

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Controllogix 5570 Firmware

    OS
    Rockwellautomation
    ≤ 33
  • Rockwellautomation Guardlogix 5560

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Guardlogix 5560 Firmware

    OS
    Rockwellautomation
    ≤ 33
  • Rockwellautomation Guardlogix 5570

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Guardlogix 5570 Firmware

    OS
    Rockwellautomation
    ≤ 33
  • Rockwellautomation Guardlogix 5580

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Guardlogix 5580 Firmware

    OS
    Rockwellautomation
    ≤ 33
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2021-22681CRITICAL9.8⚠ KEVten sam produkt

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 ...

CVE-2022-1161CRITICAL10.0ten sam produkt

An attacker with the ability to modify a user program may change user program code on some ControlLogix, Compa...

CVE-2019-10952CRITICAL9.8ten sam produkt

An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or lead to remote...

CVE-2024-6207HIGH8.7ten sam produkt

CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html ...

CVE-2024-8626HIGH8.7ten sam produkt

Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A...