#VU61791 Inclusion of Functionality from Untrusted Control Sphere in Rockwell Automation products - CVE-2022-1161
Published: April 1, 2022
Vulnerability identifier: #VU61791
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2022-1161
CWE-ID: CWE-829
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
1768 CompactLogix
1769 CompactLogix
CompactLogix 5370
CompactLogix 5380
CompactLogix 5480
Compact GuardLogix 5370
Compact GuardLogix 5380
ControlLogix 5550
ControlLogix 5560
ControlLogix 5570
ControlLogix 5580
GuardLogix 5560
GuardLogix 5570
GuardLogix 5580
FlexLogix 1794-L34
DriveLogix 5730
SoftLogix 5800
1768 CompactLogix
1769 CompactLogix
CompactLogix 5370
CompactLogix 5380
CompactLogix 5480
Compact GuardLogix 5370
Compact GuardLogix 5380
ControlLogix 5550
ControlLogix 5560
ControlLogix 5570
ControlLogix 5580
GuardLogix 5560
GuardLogix 5570
GuardLogix 5580
FlexLogix 1794-L34
DriveLogix 5730
SoftLogix 5800
Software vendor:
Rockwell Automation
Rockwell Automation
Description
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to inclusion of functionality from untrusted control sphere. A remote attacker with the ability to modify a user program can change user program code on some control systems and execute arbitrary code on the target system.
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.