{ "id": "CVE-2022-2004", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2022-08-31T16:15:10.460", "lastModified": "2022-09-06T23:49:42.410", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;" }, { "lang": "es", "value": "AutomationDirect DirectLOGIC es vulnerable a un paquete especialmente dise\u00f1ado puede ser enviado continuamente al PLC para evitar el acceso de DirectSoft y otros dispositivos, causando una condici\u00f3n de denegaci\u00f3n de servicio. Este problema afecta a: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versiones anteriores a 2.72; D0-06DD2 versiones anteriores a 2.72; D0-06DR versiones anteriores a 2.72; D0-06DA versiones anteriores a 2.72; D0-06AR versiones anteriores a 2.72; D0-06AA versiones anteriores a 2.72; D0-06DD1-D versiones anteriores a 2.72; D0-06DD2-D versiones anteriores a 2.72; D0-06DR-D versiones anteriores a 2.72;" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 3.6 }, { "source": "ics-cert@hq.dhs.gov", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } ] }, "weaknesses": [ { "source": "ics-cert@hq.dhs.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-400" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:automationdirect:d0-06dd1_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.72", "matchCriteriaId": "5AFBA65E-338B-4236-BCA6-FA305930A8F4" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:automationdirect:d0-06dd1:-:*:*:*:*:*:*:*", "matchCriteriaId": "F961CF86-3277-4EDB-A5B2-7EB305BACCD6" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:automationdirect:d0-06dd2_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.72", "matchCriteriaId": "8FDFC703-2915-4CF7-97A8-BE4F2007E4F9" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:automationdirect:d0-06dd2:-:*:*:*:*:*:*:*", "matchCriteriaId": "E91FF447-5939-4521-915E-517F0E16B0A6" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:automationdirect:d0-06dr_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.72", "matchCriteriaId": "3C2B1AF8-9448-428E-8FF3-D862C66241B0" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:automationdirect:d0-06dr:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BEE237B-5775-4610-B431-44E124D880A0" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:automationdirect:d0-06da_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.72", "matchCriteriaId": "0567F254-00C6-4B3F-A24A-C5605B9A1A6F" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:automationdirect:d0-06da:-:*:*:*:*:*:*:*", "matchCriteriaId": "677B72A1-2582-4635-900A-F99192633727" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:automationdirect:d0-06ar_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.72", "matchCriteriaId": "0D5F91FD-8F20-4BCF-9F0B-3E3A3029A31A" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:automationdirect:d0-06ar:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E373157-8264-49FE-AB64-4C5B46BC7DB5" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:automationdirect:d0-06aa_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.72", "matchCriteriaId": "86D28B71-15E7-43F4-90F4-A5CD1081C05F" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:automationdirect:d0-06aa:-:*:*:*:*:*:*:*", "matchCriteriaId": "13D409FE-21AA-48B6-83EF-2F5205649538" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:automationdirect:d0-06dd1-d_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.72", "matchCriteriaId": "E5751A9A-844A-48C6-A0DB-9BFE1A5E5285" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:automationdirect:d0-06dd1-d:-:*:*:*:*:*:*:*", "matchCriteriaId": "9112C3CC-5D82-44AC-8F6D-0F57EE4D6199" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:automationdirect:d0-06dd2-d_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.72", "matchCriteriaId": "F1E5DC0D-DF94-4FF0-B831-22288823B80B" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:automationdirect:d0-06dd2-d:-:*:*:*:*:*:*:*", "matchCriteriaId": "57D5814E-B776-43BF-84F6-17A366350F57" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:automationdirect:d0-06dr-d_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.72", "matchCriteriaId": "440477AD-8CCA-4F8E-ADA4-DF6B2C973B2F" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:automationdirect:d0-06dr-d:-:*:*:*:*:*:*:*", "matchCriteriaId": "B38DA966-2520-44AB-9DC0-680A0F578177" } ] } ] } ], "references": [ { "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03", "source": "ics-cert@hq.dhs.gov", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ] } ] }