{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_1768-l43_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5902C3FA-4EBC-4F52-A0A6-17530215BBC2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_1768-l43:-:*:*:*:*:*:*:*", "matchCriteriaId": "500CCE0E-688A-4077-BE1A-0EA14E09EDC5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_1768-l45_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E72AC0D0-1DE8-4224-A377-7CD91B935A73", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_1768-l45:-:*:*:*:*:*:*:*", "matchCriteriaId": "DBC58246-9865-463E-B728-E2C408ACB326", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_1769-l31_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8208B8AB-F0D1-4D83-A659-5A8E54923773", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_1769-l31:-:*:*:*:*:*:*:*", "matchCriteriaId": "25C24363-B2E4-4F3A-BB18-7C57A0329141", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_1769-l32c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "333841E4-E187-49F0-A58E-613E7DEC4567", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_1769-l32c:-:*:*:*:*:*:*:*", "matchCriteriaId": "1424AA33-EED1-45B4-859A-C2E02EE5B117", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_1769-l32e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3931B5BF-BBF4-456B-ACC6-71FF740812DF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_1769-l32e:-:*:*:*:*:*:*:*", "matchCriteriaId": "349841AF-C1A1-4C8D-BCF7-8A11FBBBABC3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_1769-l35cr_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C96F688C-228D-4524-A16F-EFB036A149A6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_1769-l35cr:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D6FC91A-B6D9-4438-AF29-258ABD198526", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_1769-l35e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9FA8DFA8-3248-49B1-9A2F-823BAD328E1C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_1769-l35e:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9FABB28-BDEE-4C64-BE22-1A594FA612AA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5370_l3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8781D41-3B6E-4738-B56A-779B33F91583", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5370_l3:-:*:*:*:*:*:*:*", "matchCriteriaId": "52C2F377-6F0D-4752-A4A3-C40604A8575D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5370_l2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "60F4218A-EB8E-41AB-B6D2-6FA1C5F4DBE2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5370_l2:-:*:*:*:*:*:*:*", "matchCriteriaId": "65092726-5567-488C-9E32-DC42D34E111D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5370_l1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AA11CE3-CAF7-4236-BBBA-B0720CF9671E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5370_l1:-:*:*:*:*:*:*:*", "matchCriteriaId": "848B3145-24E4-445B-958A-4C3F84C4546C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6164C08-2D51-4926-8724-DBB6F15AFF8E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*", "matchCriteriaId": "EDD040ED-B44C-47D0-B4D4-729C378C4F68", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB52219D-FA84-436A-9985-CC213FB0CA8E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*", "matchCriteriaId": "80F4F5BE-07DF-402A-BF98-34FBA6A11968", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5370_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A99E2DE7-50DA-46D3-AF60-BD38A81FAE55", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5370:-:*:*:*:*:*:*:*", "matchCriteriaId": "6F951670-AF4D-4429-8BC1-79BDEF83B2C3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F84096B0-5D14-408A-ACB6-E16B23D01DB5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-:*:*:*:*:*:*:*", "matchCriteriaId": "62414E65-73C7-4172-B7BF-F40A66AFBB90", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5550_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC2014EF-C7B4-4BA7-A8A2-63FFECA51F74", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5550:-:*:*:*:*:*:*:*", "matchCriteriaId": "13EE2216-F25F-44AB-A167-4EEA153C8F8D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5560_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ED54702B-BB6F-423A-9B6E-2A009616F779", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5560:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA25FF8D-51C5-4928-9B90-E4BD1476F50B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5570_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "02588718-A3D7-4FC5-B336-BFE9C9DD099D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5570:-:*:*:*:*:*:*:*", "matchCriteriaId": "482E2CD6-D484-486C-92F4-18432D107E30", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:controllogix_5580_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D1B751BB-5C55-46BD-A15D-CCCA9699FC5D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:controllogix_5580:-:*:*:*:*:*:*:*", "matchCriteriaId": "51BB883B-B863-4D57-B1C0-FC7B3EBD1EA0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5560_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3CC3C22D-9FB4-4492-8907-8396A182D300", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5560:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A42D9BC-9468-479A-873D-52175687FCBD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5570_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "19C8A074-6DAF-45F6-8AE0-D004ECDCF80A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5570:-:*:*:*:*:*:*:*", "matchCriteriaId": "321AE938-192A-4342-8608-ADC81F0B6582", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1829B090-7E73-4712-8235-F4C8D53D229F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*", "matchCriteriaId": "006B7683-9FDF-4748-BA28-2EA22613E092", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:flexlogix_1794-l34_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7CA46037-9030-449F-ADEE-B4428E3A0CAF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:flexlogix_1794-l34:-:*:*:*:*:*:*:*", "matchCriteriaId": "00F74EB3-FF64-471A-9380-8415516B4683", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:drivelogix_5730_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6D20542-BA18-43AE-9CD7-8DB9F1B069AD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:drivelogix_5730:-:*:*:*:*:*:*:*", "matchCriteriaId": "03E185C3-17CA-4E3F-863B-9F906C5C59EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:softlogix_5800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5EF194E8-E858-43F2-AC60-5AD722973B86", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:softlogix_5800:-:*:*:*:*:*:*:*", "matchCriteriaId": "BDAB7B6D-CCAC-460B-8A88-3397A2397078", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other."}, {"lang": "es", "value": "Un atacante con la capacidad de modificar un programa de usuario puede cambiar el c\u00f3digo del programa de usuario en algunos sistemas ControlLogix, CompactLogix y GuardLogix Control. Studio 5000 Logix Designer escribe el c\u00f3digo del programa legible por el usuario en una ubicaci\u00f3n distinta a la del c\u00f3digo compilado ejecutado, permitiendo a un atacante cambiar uno y no el otro"}], "id": "CVE-2022-1161", "lastModified": "2024-11-21T06:40:09.667", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-04-11T20:15:18.017", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-05"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-05"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-829"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}