QID 590982

Date Published: 2022-08-12

QID 590982: Rockwell Automation ControlLogix, GuardLogix, Compact GuardLogix, CompactLogix Vulnerability (PN1542)

Affected Products
1756-EN2T
1756-EN4T
1756-EN4TR
ControlLogix 5580 Series
1756-L81EK, -L82EK, -L83EK, -L84EK, -L85EK
1756-L81EP, -L83EP, -L85EP
1756-L81E-NSE, 1756-L82E-NSE, 1756-L83E-NSE, 1756-L84E-NSE, 1756-L85E-NSE
1756-L81EXT, 1756-L82EXT, 1756-L83EXT, 1756-L84EXT, 1756-L85EXT
GuardLogix 5580 Series
1756-L81ES, -L82ES, -L83ES, -L84ES, -L8SP
1756-L81ESK, -L82ESK, -L83ESK, -L84ESK, -L8SPK
Compact GuardLogix 5380 Series
5069-L306ERMS2
5069-L306ERMS3
5069-L306ERS2
5069-L3100ERMS2
5069-L3100ERMS3
5069-L3100ERS2
5069-L310ERMS2
5069-L310ERMS3
5069-L310ERS2
5069-L320ERMS2
5069-L320ERMS2K
5069-L320ERMS3
5069-L320ERMS3K
5069-L320ERS2
5069-L320ERS2K
5069-L330ERMS2
5069-L330ERMS2K
5069-L330ERMS3
5069-L330ERMS3K
5069-L330ERS2
5069-L330ERS2K
5069-L340ERMS2
5069-L340ERMS3
5069-L340ERS2
5069-L350ERMS2
5069-L350ERMS2K
5069-L350ERMS3
5069-L350ERMS3K
5069-L350ERS2
5069-L350ERS2K
5069-L380ERMS2
5069-L380ERMS3
5069-L380ERS2
CompactLogix 5380 Series
5069-L306ER
5069-L306ERM
5069-L310ER
5069-L310ER-NSE
5069-L310ERM
5069-L320ER
5069-L320ERM
5069-L320ERMK
5069-L320ERP
5069-L330ER
5069-L330ERM
5069-L330ERMK
5069-L340ER
5069-L340ERM
5069-L340ERP
5069-L350ERM
5069-L350ERMK
5069-L380ERM
5069-L3100ERM
5069-AEN2TR
CompactLogix 5480 Series
5069-L4100ERMW
5069-L4200ERMW
5069-L430ERMW
5069-L450ERMW
5069-L46ERMW
iTRAK 5730 Small Frame
iTRAK 5750C
Kinetix 5700 Series B - DAI, HPI, LFI, AFE
PowerFlex 6000T
PowerFlex 755 TL
PowerFlex 755 TM
PowerFlex 755 TR

QID Detection Logic (Authenticated):
The QID checks for vulnerable versions using passive scanning.

Successful exploitation of this vulnerability may allow an attacker to obtain the unique ECC private key for that chip only. The chip will also be physically damaged. For controllers, this unique key is currently used only during the initial deployment of CIP Security.

  • CVSS V3 rated as Medium - 4.2 severity.
  • CVSS V2 rated as Low - 1.9 severity.
Solution

Customers are advised to refer to CERT MITIGATIONS section PN1542 for affected packages and patching details.

CVEs related to QID 590982

Software Advisories
Advisory ID: PN1542
Link: rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1129700