PN1613 | Product Notice 1613: Logix Controllers Vulnerable to a Denial-of-Service Vulnerability

Executive Summary

Rockwell Automation was made aware of a denial-of-service security issue that impacts several versions of our GuardLogix^® and ControlLogix^® controllers. Use of this security issue could  lead to a breakdown in availability of the controller and/or a major non-recoverable fault (MNRF).

Customers using affected software versions should use the mitigations in this disclosure. Additional details relating to the discovered security issue, including the products in scope, impact, and recommended countermeasures, are below. We have not received any notice of this security issue being used in Rockwell Automation products.

Affected Products

• CompactLogix™ 5370
• Compact GuardLogix 5370
• ControlLogix 5570
• ControlLogix 5570 redundancy
• GuardLogix 5570

Security Issue Details

CVE-2022-3157 Controllers vulnerable to Denial-of-Service Condition
A security issue exists in the Rockwell Automation controllers. It allows a malformed CIP™ request to cause a  (MNRF) and a denial-of-service condition (DOS).

CVSS Base Score:  8.6/10 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Risk Mitigation & User Action

This security issue has been addressed in newer versions of the products. Customers should use risk mitigations below and combine them with QA43240 - Recommended Security Guidelines from Rockwell Automation to employ multiple strategies simultaneously.

Products Affected	First Known Version Affected	Corrected In
CompactLogix 5370 ControlLogix 5570 GuardLogix 5570	20.011	33.013 34.011 and later
Compact GuardLogix 5370	28.011	33.013 34.011 and later
ControlLogix 5570 Redundancy	20.054	33.052 34.051 and later

Reference

• CVE-2022-3157

Glossary

Denial-of-Service: malicious attempt to overwhelm a web property with traffic in order to disrupt its normal operations

Major Nonrecoverable Fault (MNRF): an error that occurs in a system or device and prevents it from recovering or functioning properly