First published: Wed Jul 27 2022(Updated: )
The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP packet requests to a controller, which may cause denial-of-service conditions in communications with other products.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Armor Compact Guardlogix 5370 Firmware | <=33 | |
Rockwellautomation Armor Compact Guardlogix 5370 | ||
Rockwellautomation Compact Guardlogix 5370 Firmware | <=33 | |
Rockwellautomation Compact Guardlogix 5370 | ||
Rockwellautomation Compactlogix 5370 L1 Firmware | <=33 | |
Rockwellautomation Compactlogix 5370 L1 | ||
Rockwellautomation Compactlogix 5370 L2 Firmware | <=33 | |
Rockwellautomation Compactlogix 5370 L2 | ||
Rockwellautomation Compactlogix 5370 L3 Firmware | <=33 | |
Rockwellautomation Compactlogix 5370 L3 | ||
Rockwellautomation Controllogix 5570 Firmware | <=33 | |
Rockwellautomation Controllogix 5570 | ||
Rockwellautomation Guardlogix 5560 Firmware | <=33 | |
Rockwellautomation Guardlogix 5560 | ||
Rockwellautomation Guardlogix 5570 Firmware | <=33 | |
Rockwellautomation Guardlogix 5570 | ||
Rockwellautomation Guardlogix 5580 Firmware | <=33 | |
Rockwellautomation Guardlogix 5580 | ||
Rockwell Automation Armor Compact GuardLogix 5370 controllers, Versions 33 and prior | ||
Rockwell Automation Armor GuardLogix, Safety Controllers, Versions 33 and prior | ||
Rockwell Automation CompactLogix 5370 L1 controllers, Versions 33 and prior | ||
Rockwell Automation CompactLogix 5370 L2 controllers, Versions 33 and prior | ||
Rockwell Automation CompactLogix 5370 L3 controllers, Versions 33 and prior | ||
Rockwell Automation Compact GuardLogix 5370 controllers, Versions 33 and prior | ||
Rockwell Automation ControlLogix 5570 controllers, Versions 33 and prior |
Rockwell Automation recommends affected users apply firmware v33.011 or later. For more information see the Rockwell Automation advisory (login required).
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-6998 is a vulnerability in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior that allows an attacker to create an infinite loop by sending specially crafted CIP packet requests.
The severity of CVE-2020-6998 is high, with a CVSS score of 8.6.
CVE-2020-6998 affects Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior.
An attacker can exploit CVE-2020-6998 by sending specially crafted CIP packet requests to the vulnerable Rockwell Automation devices.
Rockwell Automation has released firmware updates to address the vulnerability. Users are advised to update to the latest firmware version.