github - ghsa-5pc3-4p3v-hv92

ghsa-5pc3-4p3v-hv92

Vulnerability from github

Published

2022-09-01 00:00

Modified

2022-09-07 00:01

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-2004"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-31T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;",
  "id": "GHSA-5pc3-4p3v-hv92",
  "modified": "2022-09-07T00:01:49Z",
  "published": "2022-09-01T00:00:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2004"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2022-2004 (GCVE-0-2022-2004)

Vulnerability from cvelistv5

Published

2022-08-31 15:59

Modified

2025-04-16 16:11

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Summary

AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;

References

►

URL

Tags

https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	AutomationDirect	DirectLOGIC D0-06 series CPUs	Version: D0-06DD1 < 2.72 Version: D0-06DD2 < 2.72 Version: D0-06DR < 2.72 Version: D0-06DA < 2.72 Version: D0-06AR < 2.72 Version: D0-06AA < 2.72 Version: D0-06DD1-D < 2.72 Version: D0-06DD2-D < 2.72 Version: D0-06DR-D < 2.72

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:24:43.769Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-2004",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T15:54:35.593506Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T16:11:14.677Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DirectLOGIC D0-06 series CPUs",
          "vendor": "AutomationDirect",
          "versions": [
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06DD1",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06DD2",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06DR",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06DA",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06AR",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06AA",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06DD1-D",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06DD2-D",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06DR-D",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Sam Hanson of Dragos reported this vulnerability to CISA."
        }
      ],
      "datePublic": "2022-06-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-31T15:59:33.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "AutomationDirect recommends users upgrade to firmware Version 2.72 or later for all DL06 CPUs for CVE-2022-2002.\n\nAdditional brute force mitigation for password access has also been added. Three incorrect password entries will result in a three hour lock out of password entry. Power cycle will allow subsequent password attempts.\n\nPlease see the security network practices below for CVE-2022-2004.\nWhile automation networks and systems have built-in password protection schemes, this is only one step in securing the affected systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products, and other SCADA system products perform independent network security analysis to determine the proper level of security required for the application.\n\nAutomationDirect has identified the specific mitigation actions listed below:\n\nSecure physical access.\nIsolate and air gap networks when possible.\nConsider some of the AutomationDirect newer PLC families."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "AutomationDirect DirectLOGIC with Ethernet Communication Uncontrolled Resource Consumption",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "DATE_PUBLIC": "2022-06-16T17:00:00.000Z",
          "ID": "CVE-2022-2004",
          "STATE": "PUBLIC",
          "TITLE": "AutomationDirect DirectLOGIC with Ethernet Communication Uncontrolled Resource Consumption"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DirectLOGIC D0-06 series CPUs",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06DD1",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06DD2",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06DR",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06DA",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06AR",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06AA",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06DD1-D",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06DD2-D",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06DR-D",
                            "version_value": "2.72"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "AutomationDirect"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Sam Hanson of Dragos reported this vulnerability to CISA."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;"
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400 Uncontrolled Resource Consumption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03",
              "refsource": "CONFIRM",
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "AutomationDirect recommends users upgrade to firmware Version 2.72 or later for all DL06 CPUs for CVE-2022-2002.\n\nAdditional brute force mitigation for password access has also been added. Three incorrect password entries will result in a three hour lock out of password entry. Power cycle will allow subsequent password attempts.\n\nPlease see the security network practices below for CVE-2022-2004.\nWhile automation networks and systems have built-in password protection schemes, this is only one step in securing the affected systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products, and other SCADA system products perform independent network security analysis to determine the proper level of security required for the application.\n\nAutomationDirect has identified the specific mitigation actions listed below:\n\nSecure physical access.\nIsolate and air gap networks when possible.\nConsider some of the AutomationDirect newer PLC families."
          }
        ],
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2022-2004",
    "datePublished": "2022-08-31T15:59:33.591Z",
    "dateReserved": "2022-06-06T00:00:00.000Z",
    "dateUpdated": "2025-04-16T16:11:14.677Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.