Rockwell Automation MicroLogix 1100 & 1400 Vulnerable to Cross-Site Scripting Attack
CVE-2022-46670
7.1 HIGH
Key Information:
- Vendor: Rockwell Automation
- CVE Published: 16 December 2022
Summary
A security researcher from Georgia Institute of Technology reported to Rockwell Automation that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may allow an attacker to achieve remote code execution. The flaw is an unauthenticated stored cross-site scripting vulnerability in the embedded web server: the payload is transferred to the controller over SNMP and is rendered on the homepage of the embedded website.
Affected Version(s)
MicroLogix 1100 & 1400 Controllers All
MicroLogix 1400-A 7.000 and below
MicroLogix 1400-B/C 21.007 and below
CVSS V3.1
- Score: 7.1
- Severity: HIGH
- Confidentiality: Low
- Integrity: Low
- Availability: Low
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Ryan Pickren, a security researcher from Georgia Institute of Technology