An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code allowing an attacker to change one and not the other. Additionally, devices communicating over the unauthenticated version of EtherNet/IP may be vulnerable to attacks from custom clients exploiting CVE-2021-22681 .
Read "The Old Switcheroo: Hiding Code on Rockwell Automation PLCs"

Risk Information

  • CVE ID
  • CVE-2022-1161
  • Vendor
  • Rockwell Automation
  • Product
  • Logix Controllers
  • CVSS v3
  • 10