CVE-2022-1161

Summary

An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other.

Affected Software

VendorProductVersion RangeStatus
Rockwell Automation1768 CompactLogix controllersAll allaffected
Rockwell Automation1769 CompactLogix controllersallaffected
Rockwell AutomationCompactLogix 5370 controllersallaffected
Rockwell AutomationCompactLogix 5380 controllersallaffected
Rockwell AutomationCompactLogix 5480 controllersallaffected
Rockwell AutomationCompact GuardLogix 5370 controllersallaffected
Rockwell AutomationCompact GuardLogix 5380 controllersallaffected
Rockwell AutomationControlLogix 5550 controllersallaffected
Rockwell AutomationControlLogix 5560 controllersallaffected
Rockwell AutomationControlLogix 5570 controllersallaffected
Rockwell AutomationControlLogix 5580 controllersallaffected
Rockwell AutomationGuardLogix 5560 controllersallaffected
Rockwell AutomationGuardLogix 5570 controllersallaffected
Rockwell AutomationGuardLogix 5580 controllersallaffected
Rockwell AutomationFlexLogix 1794-L34 controllersallaffected
Rockwell AutomationDriveLogix 5730 controllersallaffected
Rockwell AutomationSoftLogix 5800 controllersallaffected

Weaknesses

  • CWE-829: CWE-829 Inclusion of Functionality from Untrusted Control Sphere

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References