CVE-2022-2004

{"id": "CVE-2022-2004", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-08-31T16:15:10.460", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;"}, {"lang": "es", "value": "AutomationDirect DirectLOGIC es vulnerable a un paquete especialmente dise\u00f1ado puede ser enviado continuamente al PLC para evitar el acceso de DirectSoft y otros dispositivos, causando una condici\u00f3n de denegaci\u00f3n de servicio. Este problema afecta a: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versiones anteriores a 2.72; D0-06DD2 versiones anteriores a 2.72; D0-06DR versiones anteriores a 2.72; D0-06DA versiones anteriores a 2.72; D0-06AR versiones anteriores a 2.72; D0-06AA versiones anteriores a 2.72; D0-06DD1-D versiones anteriores a 2.72; D0-06DD2-D versiones anteriores a 2.72; D0-06DR-D versiones anteriores a 2.72;"}], "lastModified": "2024-11-21T07:00:09.590", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:automationdirect:d0-06dd1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5AFBA65E-338B-4236-BCA6-FA305930A8F4", "versionEndExcluding": "2.72"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:automationdirect:d0-06dd1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F961CF86-3277-4EDB-A5B2-7EB305BACCD6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:automationdirect:d0-06dd2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FDFC703-2915-4CF7-97A8-BE4F2007E4F9", "versionEndExcluding": "2.72"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:automationdirect:d0-06dd2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E91FF447-5939-4521-915E-517F0E16B0A6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:automationdirect:d0-06dr_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C2B1AF8-9448-428E-8FF3-D862C66241B0", "versionEndExcluding": "2.72"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:automationdirect:d0-06dr:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7BEE237B-5775-4610-B431-44E124D880A0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:automationdirect:d0-06da_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0567F254-00C6-4B3F-A24A-C5605B9A1A6F", "versionEndExcluding": "2.72"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:automationdirect:d0-06da:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "677B72A1-2582-4635-900A-F99192633727"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:automationdirect:d0-06ar_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D5F91FD-8F20-4BCF-9F0B-3E3A3029A31A", "versionEndExcluding": "2.72"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:automationdirect:d0-06ar:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5E373157-8264-49FE-AB64-4C5B46BC7DB5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:automationdirect:d0-06aa_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86D28B71-15E7-43F4-90F4-A5CD1081C05F", "versionEndExcluding": "2.72"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:automationdirect:d0-06aa:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "13D409FE-21AA-48B6-83EF-2F5205649538"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:automationdirect:d0-06dd1-d_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5751A9A-844A-48C6-A0DB-9BFE1A5E5285", "versionEndExcluding": "2.72"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:automationdirect:d0-06dd1-d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9112C3CC-5D82-44AC-8F6D-0F57EE4D6199"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:automationdirect:d0-06dd2-d_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1E5DC0D-DF94-4FF0-B831-22288823B80B", "versionEndExcluding": "2.72"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:automationdirect:d0-06dd2-d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "57D5814E-B776-43BF-84F6-17A366350F57"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:automationdirect:d0-06dr-d_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "440477AD-8CCA-4F8E-ADA4-DF6B2C973B2F", "versionEndExcluding": "2.72"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:automationdirect:d0-06dr-d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B38DA966-2520-44AB-9DC0-680A0F578177"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}