HIGH🇵🇱 Wersja polska

CVE-2022-3157

CVSS 8.6v3.1pub. 2022-12-16upd. 2024-11-21

A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS).

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
  • Rockwellautomation Compact Guardlogix 5370

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Compact Guardlogix 5370 Firmware

    OS
    Rockwellautomation
    28 – 33
  • Rockwellautomation Compact Guardlogix 5380

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Compact Guardlogix 5380 Firmware

    OS
    Rockwellautomation
    28 – 33
  • Rockwellautomation Compactlogix 5370

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Compactlogix 5370 Firmware

    OS
    Rockwellautomation
    20 – 33
  • Rockwellautomation Controllogix 5570

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Controllogix 5570 Firmware

    OS
    Rockwellautomation
    20 – 33
  • Rockwellautomation Controllogix 5570 Redundancy

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Controllogix 5570 Redundancy Firmware

    OS
    Rockwellautomation
    20 – 33
  • Rockwellautomation Guardlogix 5570

    HW
    Rockwellautomation
    wszystkie wersje
  • Rockwellautomation Guardlogix 5570 Firmware

    OS
    Rockwellautomation
    20 – 33
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2021-22681CRITICAL9.8⚠ KEVten sam produkt

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 ...

CVE-2022-1161CRITICAL10.0ten sam produkt

An attacker with the ability to modify a user program may change user program code on some ControlLogix, Compa...

CVE-2024-8626HIGH8.7ten sam produkt

Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A...

CVE-2024-5659HIGH8.3ten sam produkt

Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network...

CVE-2024-3493HIGH8.6ten sam produkt

A specific malformed fragmented packet type (fragmented packets may be generated automatically by devices tha...