{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-3752", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "state": "PUBLISHED", "assignerShortName": "Rockwell", "dateReserved": "2022-10-28T20:53:01.640Z", "datePublished": "2022-12-19T22:23:36.836Z", "dateUpdated": "2025-04-16T14:28:03.254Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "CompactLogix 5480", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "32.011 and later"}]}, {"defaultStatus": "unaffected", "product": "ControlLogix 5580 ", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "31.011 and later"}]}, {"defaultStatus": "unaffected", "product": "GuardLogix 5580", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "31.011 and later"}]}, {"defaultStatus": "unaffected", "product": "Compact GuardLogix 5380", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "31.011 and later"}]}, {"defaultStatus": "unaffected", "product": "CompactLogix 5380", "vendor": "Rockwell Automation", "versions": [{"status": "affected", "version": "31.011 and later"}]}], "datePublic": "2022-12-13T15:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic \nloading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload \nthe user project file to bring the device back online and continue normal operation.\n\n\n"}], "value": "An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic \nloading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload \nthe user project file to bring the device back online and continue normal operation.\n\n\n"}], "impacts": [{"capecId": "CAPEC-594", "descriptions": [{"lang": "en", "value": "CAPEC-594 Traffic Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2022-12-27T18:16:26.185Z"}, "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137664"}], "source": {"discovery": "UNKNOWN"}, "title": "Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:20:57.729Z"}, "title": "CVE Program Container", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137664", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-16T14:27:21.670498Z", "id": "CVE-2022-3752", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-16T14:28:03.254Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137664", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:20:57.729Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-3752", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-16T14:27:21.670498Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-16T14:27:28.736Z"}}], "cna": {"title": "Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-594", "descriptions": [{"lang": "en", "value": "CAPEC-594 Traffic Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Rockwell Automation", "product": "CompactLogix 5480", "versions": [{"status": "affected", "version": "32.011 and later"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "ControlLogix 5580 ", "versions": [{"status": "affected", "version": "31.011 and later"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "GuardLogix 5580", "versions": [{"status": "affected", "version": "31.011 and later"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "Compact GuardLogix 5380", "versions": [{"status": "affected", "version": "31.011 and later"}], "defaultStatus": "unaffected"}, {"vendor": "Rockwell Automation", "product": "CompactLogix 5380", "versions": [{"status": "affected", "version": "31.011 and later"}], "defaultStatus": "unaffected"}], "datePublic": "2022-12-13T15:00:00.000Z", "references": [{"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137664"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic \nloading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload \nthe user project file to bring the device back online and continue normal operation.\n\n\n", "supportingMedia": [{"type": "text/html", "value": "An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic \nloading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload \nthe user project file to bring the device back online and continue normal operation.\n\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "b73dd486-f505-4403-b634-40b078b177f0", "shortName": "Rockwell", "dateUpdated": "2022-12-27T18:16:26.185Z"}}}, "cveMetadata": {"cveId": "CVE-2022-3752", "state": "PUBLISHED", "dateUpdated": "2025-04-16T14:28:03.254Z", "dateReserved": "2022-10-28T20:53:01.640Z", "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0", "datePublished": "2022-12-19T22:23:36.836Z", "assignerShortName": "Rockwell"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5480_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A3BB8945-AC46-463C-A7D9-15584AD0FA68", "versionStartIncluding": "32.011", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5480:-:*:*:*:*:*:*:*", "matchCriteriaId": "80F4F5BE-07DF-402A-BF98-34FBA6A11968", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5580_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EDD27C92-CC9B-4780-B7AC-8ECBE1FF7C77", "versionStartIncluding": "31.011", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5580:-:*:*:*:*:*:*:*", "matchCriteriaId": "CEA62D6E-168F-4EEC-9E90-C679273C1CDB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:guardlogix_5580_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "25846D71-4F46-4C50-BB76-5D692DE9ACFE", "versionStartIncluding": "32.011", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:guardlogix_5580:-:*:*:*:*:*:*:*", "matchCriteriaId": "006B7683-9FDF-4748-BA28-2EA22613E092", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compact_guardlogix_5380_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E187CC9F-3BFC-4AE3-A4E5-477416A16E24", "versionStartIncluding": "31.011", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compact_guardlogix_5380:-:*:*:*:*:*:*:*", "matchCriteriaId": "62414E65-73C7-4172-B7BF-F40A66AFBB90", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:compactlogix_5380_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "65D5D8EB-6A19-4849-988D-C3F65071B05F", "versionStartIncluding": "31.011", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:compactlogix_5380:-:*:*:*:*:*:*:*", "matchCriteriaId": "EDD040ED-B44C-47D0-B4D4-729C378C4F68", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic \nloading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload \nthe user project file to bring the device back online and continue normal operation.\n\n\n"}, {"lang": "es", "value": "Un usuario no autorizado podr\u00eda utilizar una secuencia especialmente manipulada de mensajes Ethernet/IP, combinada con una gran carga de tr\u00e1fico, para provocar una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en los controladores Logix de Rockwell Automation, lo que provocar\u00eda una falla importante no recuperable. Si el dispositivo de destino deja de estar disponible, el usuario tendr\u00eda que borrar la falla y volver a descargar el archivo de proyecto del usuario para volver a poner el dispositivo en l\u00ednea y continuar con el funcionamiento normal."}], "id": "CVE-2022-3752", "lastModified": "2024-11-21T07:20:10.707", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-19T23:15:10.660", "references": [{"source": "PSIRT@rockwellautomation.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137664"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137664"}], "sourceIdentifier": "PSIRT@rockwellautomation.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "PSIRT@rockwellautomation.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}