First published: Mon Dec 19 2022(Updated: )
An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online and continue normal operation.
Credit: PSIRT@rockwellautomation.com
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation Compactlogix 5480 Firmware | >=32.011 | |
Rockwellautomation Compactlogix 5480 | ||
Rockwellautomation Compactlogix 5580 Firmware | >=31.011 | |
Rockwellautomation Compactlogix 5580 | ||
Rockwellautomation Guardlogix 5580 Firmware | >=32.011 | |
Rockwellautomation Guardlogix 5580 | ||
Rockwellautomation Compact Guardlogix 5380 Firmware | >=31.011 | |
Rockwellautomation Compact Guardlogix 5380 | ||
Rockwellautomation Compactlogix 5380 Firmware | >=31.011 | |
Rockwellautomation Compactlogix 5380 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-3752 is a vulnerability that allows an unauthorized user to cause a denial-of-service condition in Rockwell Automation Logix controllers.
CVE-2022-3752 works by exploiting a specially crafted sequence of Ethernet/IP messages and heavy traffic loading to overwhelm the target device, causing a major non-recoverable fault.
Rockwell Automation Logix controllers are affected by CVE-2022-3752, including Compactlogix 5480, Compactlogix 5580, Guardlogix 5580, Compact Guardlogix 5380, and Compactlogix 5380.
CVE-2022-3752 has a severity rating of 7.5 out of 10, which is considered high.
To fix CVE-2022-3752, it is recommended to upgrade to the latest firmware version provided by Rockwell Automation and follow their recommended security guidelines.