CVE-2022-3752: Rockwell Automation GuardLogix and ControlLogix controllers Vulnerable to Denial-Of-Service Attack
First published: Mon Dec 19 2022(Updated: )
An unauthorized user could use a specially crafted sequence of Ethernet/IP messages, combined with heavy traffic loading to cause a denial-of-service condition in Rockwell Automation Logix controllers resulting in a major non-recoverable fault. If the target device becomes unavailable, a user would have to clear the fault and redownload the user project file to bring the device back online and continue normal operation.
Credit: PSIRT@rockwellautomation.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Rockwellautomation Compactlogix 5480 Firmware | >=32.011 | |
| Rockwellautomation Compactlogix 5480 | ||
| Rockwellautomation Compactlogix 5580 Firmware | >=31.011 | |
| Rockwellautomation Compactlogix 5580 | ||
| Rockwellautomation Guardlogix 5580 Firmware | >=32.011 | |
| Rockwellautomation Guardlogix 5580 | ||
| Rockwellautomation Compact Guardlogix 5380 Firmware | >=31.011 | |
| Rockwellautomation Compact Guardlogix 5380 | ||
| Rockwellautomation Compactlogix 5380 Firmware | >=31.011 | |
| Rockwellautomation Compactlogix 5380 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-3752?
CVE-2022-3752 is a vulnerability that allows an unauthorized user to cause a denial-of-service condition in Rockwell Automation Logix controllers.
How does CVE-2022-3752 work?
CVE-2022-3752 works by exploiting a specially crafted sequence of Ethernet/IP messages and heavy traffic loading to overwhelm the target device, causing a major non-recoverable fault.
Which devices are affected by CVE-2022-3752?
Rockwell Automation Logix controllers are affected by CVE-2022-3752, including Compactlogix 5480, Compactlogix 5580, Guardlogix 5580, Compact Guardlogix 5380, and Compactlogix 5380.
What is the severity of CVE-2022-3752?
CVE-2022-3752 has a severity rating of 7.5 out of 10, which is considered high.
How can I fix CVE-2022-3752?
To fix CVE-2022-3752, it is recommended to upgrade to the latest firmware version provided by Rockwell Automation and follow their recommended security guidelines.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/severity
- agent/last-modified-date
- agent/references
- agent/author
- agent/weakness
- agent/tags
- agent/event
- agent/description
- agent/first-publish-date
- vendor/rockwellautomation
- canonical/rockwellautomation compactlogix 5480 firmware
- version/rockwellautomation compactlogix 5480 firmware/32.011
- canonical/rockwellautomation compactlogix 5480
- canonical/rockwellautomation compactlogix 5580 firmware
- version/rockwellautomation compactlogix 5580 firmware/31.011
- canonical/rockwellautomation compactlogix 5580
- canonical/rockwellautomation guardlogix 5580 firmware
- version/rockwellautomation guardlogix 5580 firmware/32.011
- canonical/rockwellautomation guardlogix 5580
- canonical/rockwellautomation compact guardlogix 5380 firmware
- version/rockwellautomation compact guardlogix 5380 firmware/31.011
- canonical/rockwellautomation compact guardlogix 5380
- canonical/rockwellautomation compactlogix 5380 firmware
- version/rockwellautomation compactlogix 5380 firmware/31.011
- canonical/rockwellautomation compactlogix 5380