Описание (на английском; русское — в БДУ выше)
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. If exploited, a threat actor could help prevent access to the legitimate user and end connections to connected devices including the workstation. To recover the controllers, a download is required which ends any process that the controller is running.
Затрагиваемое ПО
Rockwellautomation Controllogix 5580 firmwareRockwellautomation Controllogix 5580Rockwellautomation Controllogix 5580 process firmwareRockwellautomation Controllogix 5580 processRockwellautomation Guardlogix 5580 firmwareRockwellautomation Guardlogix 5580Rockwellautomation Compactlogix 5380 firmwareRockwellautomation Compactlogix 5380Rockwellautomation Compact guardlogix 5380 sil 2 firmwareRockwellautomation Compact guardlogix 5380 sil 2Rockwellautomation Compact guardlogix 5380 sil 3 firmwareRockwellautomation Compact guardlogix 5380 sil 3Rockwellautomation Compactlogix 5480 firmwareRockwellautomation Compactlogix 5480Rockwellautomation Factorytalk logix echo firmwareRockwellautomation Factorytalk logix echo
CVSS
| Балл | 7.5 — высокая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Источники
https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1707.html