CVE-2022-3752: Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack
First published: Mon Dec 19 2022(Updated: )
An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online and continue normal operation.
Credit: PSIRT@rockwellautomation.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Rockwell Automation CompactLogix 5480 Firmware | >=32.011 | |
| Rockwell Automation CompactLogix 5480 | ||
| Rockwell Automation CompactLogix 5580 Firmware | >=31.011 | |
| Rockwell Automation CompactLogix 5580 | ||
| Rockwell Automation GuardLogix 5580 Firmware | >=32.011 | |
| Rockwell Automation GuardLogix 5580 | ||
| Rockwell Automation Compact GuardLogix 5380 SIL 3 Firmware | >=31.011 | |
| Rockwell Automation Compact GuardLogix 5380 Firmware | ||
| Rockwell Automation CompactLogix 5380 Firmware | >=31.011 | |
| Rockwell Automation CompactLogix 5380 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-3752?
CVE-2022-3752 is a vulnerability that allows an unauthorized user to cause a denial-of-service condition in Rockwell Automation Logix controllers.
How does CVE-2022-3752 work?
CVE-2022-3752 works by exploiting a specially crafted sequence of Ethernet/IP messages and heavy traffic loading to overwhelm the target device, causing a major non-recoverable fault.
Which devices are affected by CVE-2022-3752?
Rockwell Automation Logix controllers are affected by CVE-2022-3752, including Compactlogix 5480, Compactlogix 5580, Guardlogix 5580, Compact Guardlogix 5380, and Compactlogix 5380.
What is the severity of CVE-2022-3752?
CVE-2022-3752 has a severity rating of 7.5 out of 10, which is considered high.
How can I fix CVE-2022-3752?
To fix CVE-2022-3752, it is recommended to upgrade to the latest firmware version provided by Rockwell Automation and follow their recommended security guidelines.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/severity
- agent/last-modified-date
- agent/references
- agent/author
- agent/weakness
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/rockwellautomation
- canonical/rockwell automation compactlogix 5480 firmware
- version/rockwell automation compactlogix 5480 firmware/32.011
- canonical/rockwell automation compactlogix 5480
- canonical/rockwell automation compactlogix 5580 firmware
- version/rockwell automation compactlogix 5580 firmware/31.011
- canonical/rockwell automation compactlogix 5580
- canonical/rockwell automation guardlogix 5580 firmware
- version/rockwell automation guardlogix 5580 firmware/32.011
- canonical/rockwell automation guardlogix 5580
- canonical/rockwell automation compact guardlogix 5380 sil 3 firmware
- version/rockwell automation compact guardlogix 5380 sil 3 firmware/31.011
- canonical/rockwell automation compact guardlogix 5380 firmware
- canonical/rockwell automation compactlogix 5380 firmware
- version/rockwell automation compactlogix 5380 firmware/31.011