Rewterz Threat Alert – Shuckworm APT Group aka Armageddon – Active IOCs
December 28, 2022Rewterz Threat Advisory – ICS – Mitsubishi Electric MELSEC and MELIPC Vulnerability
December 29, 2022Rewterz Threat Alert – Shuckworm APT Group aka Armageddon – Active IOCs
December 28, 2022Rewterz Threat Advisory – ICS – Mitsubishi Electric MELSEC and MELIPC Vulnerability
December 29, 2022Severity
High
Analysis Summary
CVE-2022-3156
Rockwell Automation Studio 5000 Logix Emulate could allow a local authenticated attacker to execute arbitrary code on the system, caused by improper access control. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
Code Execution
Indicators Of Compromise
CVE
- CVE-2022-3156
Affected Vendors
Rockwell Automation
Affected Products
- Rockwell Automation Studio 5000 Logix Emulate 20.00
- Rockwell Automation Studio 5000 Logix Emulate 33.00
Remediation
Upgrade to the latest version of Studio 5000 Logix Emulate, available from the Rockwell Automation Website.