Headline
CVE-2020-6998: CompactLogix 5370 and ControlLogix 5570 Controllers Vulnerable to Denial of Service Conditions due to Improper Input Validation
The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP packet requests to a controller, which may cause denial-of-service conditions in communications with other products.
Skip Navigation
menu
- Support Center
- Get Support Chat & Submit a Question Phone Support Holiday Schedule
- Training & Webinars
- Online Forum
- Customer Care Customer Care Overview Phone Support Holiday Schedule
Sign In
Quickly log in or create an account using an existing service
Yahoo
What will happen: When you click on this button you will be taken to Yahoo. Once you log in, Yahoo will verify you and send you back here where you’ll be logged in!
Log In or Create an AccountOpens new dialog
Please log in to continue, Username Password
Email Address *
Username *
Password
Re-enter a value for the field ‘Password’
Must match Password
First Name *
Last Name *
Forgot your username or password?
The page will refresh upon submission. Any pending input will be lost.
03-Feb-2022 - Important product notice regarding Microsoft vulnerability patch (MS KB5004442)
Current product hierarchy
- Automation Control
- Programmable Controllers
ID: PN1554 | Access Levels: Everyone
Search
Did you mean:
Published DatePublished Date 03/04/2021
Executive Summary
CompactLogix™ 5370 and ControlLogix® 5570 Programmable Automation Controllers (PACs) contain a vulnerability in the connection establishment algorithm that could allow a remote, unaut…
Login Required to View Full Answer Content
Please use the ‘Sign In’ button above