PT-2022-2353 · Rockwell Automation · Rockwell Automation Studio 5000 Logix Designer

Sharon Brizinov · Published 2022-04-01 · Updated 2024-05-22 · CVE-2022-1159

CVSS v3.1: 7.7 (High)

Vector: AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Rockwell Automation Studio 5000 Logix Designer (all versions)
ControlLogix 5580 (affected versions not specified)
GuardLogix 5580 (affected versions not specified)
CompactLogix 5380 (affected versions not specified)
CompactLogix 5480 (affected versions not specified)
Compact GuardLogix 5380 (affected versions not specified)

Description

The issue is related to improper control of code generation in the programmable logic controllers' firmware. An attacker with administrator access on a workstation running Studio 5000 Logix Designer could inject controller code that is undetectable to a user.

Recommendations

For Rockwell Automation Studio 5000 Logix Designer, restrict access to administrator privileges on workstations to minimize the risk of exploitation.
For ControlLogix 5580, consider disabling code injection functionality until a fix is available.
For GuardLogix 5580, restrict access to the controller code generation management module to minimize the risk of exploitation.
For CompactLogix 5380, avoid using the code generation feature in the affected firmware until the issue is resolved.
For CompactLogix 5480, consider implementing additional security measures to detect and prevent code injection.
For Compact GuardLogix 5380, restrict access to the vulnerable code generation management functionality to minimize the risk of exploitation.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Code Injection

Related Identifiers

BDU:2022-02661
CVE-2022-1159

Affected Products

Compact Guardlogix 5380
Compactlogix 5380
Compactlogix 5480
Controllogix 5580
Guardlogix 5580
Rockwell Automation Studio 5000 Logix Designer