Severe Flaws in Rockwell PLC Could Allow Attackers to Implant Malicious Code

Rockwell Automation’s programmable logic controllers (PLCs) and engineering workstation software have two new security flaws that might be exploited by an intruder to introduce malicious code into affected systems and silently manipulate automation operations. 

In a way similar to Stuxnet and the Rogue7 assaults, the vulnerabilities have the ability to impair industrial operations and cause physical damage to factories. 

Claroty’s Sharon Brizinov noted in a write-up published, “Programmable logic and predefined variables drive these [automation] processes, and changes to either will alter the normal operation of the PLC and the process it manages.” 

The following is a list of two flaws – 

• CVE-2022- (CVSS score: 10.0) — A remotely exploited weakness that allows a hostile actor to write user-readable “textual” computer code to a memory location independent from the compiled code that is being executed (aka bytecode). The problem is in Rockwell’s ControlLogix, CompactLogix, and GuardLogix control systems’ PLC firmware. 
• CVE-2022-1159 =This vulnerability has a CVSS score of 7.7. Without the user’s knowledge, an attacker with administrative access to a workstation running the Studio 5000 Logix Designer application can disrupt the compilation process and inject code into the user programme. 

Severe Flaws in Rockwell PLC Could Allow Attackers to Implant Malicious Code