Vulnerability in Rockwell Automation 1768 Compactlogix Controllers

CVE-2022-1161

An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than…

EPSS: 0.050 (91.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 10.0 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2022-1161?
CVE-2022-1161 is a critical-severity vulnerability in Rockwell Automation 1768 Compactlogix Controllers, classified under Inclusion of Functionality from Untrusted Control Sphere. CVSS score: 10.0/10. Published 2022-04-11.
How severe is CVE-2022-1161?
Critical severity. CVSS v3 base score is 10.0 out of 10.