CVE-2022-3157 - OpenCVE

A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS).

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Rockwellautomation	Guardlogix 5570 Compact Guardlogix 5370 Controllogix 5570 Redundancy Compact Guardlogix 5370 Firmware Compact Guardlogix 5380 Firmware Controllogix 5570 Redundancy Firmware Guardlogix 5570 Firmware Controllogix 5570 Compact Guardlogix 5380 Controllogix 5570 Firmware Compactlogix 5370 Compactlogix 5370 Firmware

Configuration 1 [-]

AND

cpe:2.3:h:rockwellautomation:compactlogix_5370:-:*:*:*:*:*:*:*

cpe:2.3:o:rockwellautomation:compactlogix_5370_firmware:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:h:rockwellautomation:compact_guardlogix_5370:-:*:*:*:*:*:*:*

cpe:2.3:o:rockwellautomation:compact_guardlogix_5370_firmware:*:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-:*:*:*:*:*:*:*

cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:*:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:h:rockwellautomation:controllogix_5570:-:*:*:*:*:*:*:*

cpe:2.3:o:rockwellautomation:controllogix_5570_firmware:*:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:h:rockwellautomation:controllogix_5570_redundancy:-:*:*:*:*:*:*:*

cpe:2.3:o:rockwellautomation:controllogix_5570_redundancy_firmware:*:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:h:rockwellautomation:guardlogix_5570:-:*:*:*:*:*:*:*

cpe:2.3:o:rockwellautomation:guardlogix_5570_firmware:*:*:*:*:*:*:*:*

References

Link	Resource
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137757	Permissions Required Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Rockwell

Published: 2022-12-16T20:35:55.689Z

Updated:

Reserved: 2022-09-07T19:00:02.431Z

Link: CVE-2022-3157

JSON object: View

NVD Information

Status : Modified

Published: 2022-12-16T21:15:08.797

Modified: 2023-11-07T03:50:52.127

Link: CVE-2022-3157

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2022-3157", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "requesterUserId": "20b06643-9bf3-4d1d-a98d-f8db99f95a31", "dateReserved": "2022-09-07T19:00:02.431Z", "datePublished": "2022-12-16T20:35:55.689Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "CompactLogix 5370", "vendor": "Rockwell Automation", "versions": [{"lessThanOrEqual": "33", "status": "affected", "version": "20", "versionType": "Major"}]}, {"defaultStatus": "unaffected", "product": "Compact GuardLogix", "vendor": "Rockwell Automation", "versions": [{"lessThanOrEqual": "33", "status": "affected", "version": "28", "versionType": "Major"}]}, {"defaultStatus": "unaffected", "product": "ControlLogix 5570", "vendor": "Rockwell Automation", "versions": [{"lessThanOrEqual": "33", "status": "affected", "version": "20", "versionType": "Major"}]}, {"defaultStatus": "unaffected", "product": "ControlLogix 5570 Redundancy", "vendor": "Rockwell Automation", "versions": [{"lessThanOrEqual": "33", "status": "affected", "version": "20", "versionType": "Major"}]}, {"defaultStatus": "unaffected", "product": "GuardLogix 5570", "vendor": "Rockwell Automation", "versions": [{"lessThanOrEqual": "33", "status": "affected", "version": "20", "versionType": "Major"}]}], "datePublic": "2022-12-15T15:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS). </span>\n\n"}], "value": "\nA vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS). \n\n"}], "impacts": [{"capecId": "CAPEC-123", "descriptions": [{"lang": "en", "value": "CAPEC-123 Buffer Manipulation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2022-12-16T20:35:55.689Z"}, "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137757"}], "source": {"discovery": "UNKNOWN"}, "title": "Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5370:-:*:*:*:*:*:*:*", "matchCriteriaId": "E12ADAE3-97B1-48BC-BE69-ED75667C1886", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5370_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2EFE566E-F923-4357-9A81-CF80C9781460", "versionEndIncluding": "33", "versionStartIncluding": "20", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5370:-:*:*:*:*:*:*:*", "matchCriteriaId": "6F951670-AF4D-4429-8BC1-79BDEF83B2C3", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5370_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F56AE05D-6230-4540-B57D-F04ADC4AF81E", "versionEndIncluding": "33", "versionStartIncluding": "28", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-:*:*:*:*:*:*:*", "matchCriteriaId": "62414E65-73C7-4172-B7BF-F40A66AFBB90", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7FFA0CB3-AAF6-4E96-B341-EA9EC76FB1EB", "versionEndIncluding": "33", "versionStartIncluding": "28", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5570:-:*:*:*:*:*:*:*", "matchCriteriaId": "482E2CD6-D484-486C-92F4-18432D107E30", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5570_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E926CC52-8EBD-4B0B-86EF-0815028D5422", "versionEndIncluding": "33", "versionStartIncluding": "20", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5570_redundancy:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF7B47C6-086E-45B2-A434-494379C4A0CC", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5570_redundancy_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD1093B1-FA26-4EC5-8B47-34162E2F1645", "versionEndIncluding": "33", "versionStartIncluding": "20", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5570:-:*:*:*:*:*:*:*", "matchCriteriaId": "321AE938-192A-4342-8608-ADC81F0B6582", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5570_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "297151D4-F4AE-4D52-B1BD-82BF13DD4228", "versionEndIncluding": "33", "versionStartIncluding": "20", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\nA vulnerability exists in the Rockwell Automation controllers that allows a malformed CIP request to cause a major non-recoverable fault (MNRF) and a denial-of-service condition (DOS). \n\n"}, {"lang": "es", "value": "Existe una vulnerabilidad en los controladores de Rockwell Automation que permite que una solicitud CIP con formato incorrecto cause una falla mayor no recuperable (MNRF) y una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) (DOS)."}], "id": "CVE-2022-3157", "lastModified": "2023-11-07T03:50:52.127", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}, "published": "2022-12-16T21:15:08.797", "references": [{"source": "PSIRT@rockwellautomation.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137757"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}]}