CVE-2020-6998
published 2022-07-27CVE-2020-6998: The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage…
PriorityP346high8.6CVSS 3.1
AVNACLPRNUINSCCNINAH
EPSS
1.74%
74.9th percentile
The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP packet requests to a controller, which may cause denial-of-service conditions in communications with other products.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockwell_automation | armor_compact_guardlogix_5370_controllers | unspecified – versions 33 and prior | — |
| rockwell_automation | armor_guardlogix_safety_controllers | unspecified – versions 33 and prior | — |
| rockwell_automation | compact_guardlogix_5370_controllers | unspecified – versions 33 and prior | — |
| rockwell_automation | compactlogix_5370_l1_controllers | unspecified – versions 33 and prior | — |
| rockwell_automation | compactlogix_5370_l2_controllers | unspecified – versions 33 and prior | — |
| rockwell_automation | compactlogix_5370_l3_controllers | unspecified – versions 33 and prior | — |
| rockwell_automation | controllogix_5570_controllers | unspecified – versions 33 and prior | — |
| rockwellautomation | armor_compact_guardlogix_5370_firmware | <= 33 | — |
| rockwellautomation | compact_guardlogix_5370_firmware | <= 33 | — |
| rockwellautomation | compactlogix_5370_l1_firmware | <= 33 | — |
| rockwellautomation | compactlogix_5370_l2_firmware | <= 33 | — |
| rockwellautomation | compactlogix_5370_l3_firmware | <= 33 | — |
| rockwellautomation | controllogix_5570_firmware | <= 33 | — |
| rockwellautomation | guardlogix_5560_firmware | <= 33 | — |
| rockwellautomation | guardlogix_5570_firmware | <= 33 | — |
| rockwellautomation | guardlogix_5580_firmware | <= 33 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9r87-pc5m-9w97: The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficientl
ghsa_unreviewed·2022-07-28
CVE-2020-6998 [HIGH] CWE-20 GHSA-9r87-pc5m-9w97: The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficientl
The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP packet requests to a controller, which may cause denial-of-service conditions in communications with other products.
CISA ICS
Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers (Update A)
cisa_ics·2021-03-02
Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers (Update A)
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers (Update A)
Last RevisedMarch 23, 2021
Alert CodeICSA-21-061-02
## 1. EXECUTIVE SUMMARY
- CVSS v3 5.8
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Rockwell Automation
- Equipment: CompactLogix and ControlLogix controllers
- Vulnerability: Improper Input Validation
## 2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-21-061-02 Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers that was published March 2, 2021, to
No detection rules found.
No public exploits indexed.
2022-07-27
Published