CVE-2022-2004 (GCVE-0-2022-2004)

Vulnerability from cvelistv5 – Published: 2022-08-31 15:59 – Updated: 2025-04-16 16:11
VLAI
Title
AutomationDirect DirectLOGIC with Ethernet Communication Uncontrolled Resource Consumption
Summary
AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;
Severity
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
AutomationDirect DirectLOGIC D0-06 series CPUs Affected: D0-06DD1 , < 2.72 (custom)
Affected: D0-06DD2 , < 2.72 (custom)
Affected: D0-06DR , < 2.72 (custom)
Affected: D0-06DA , < 2.72 (custom)
Affected: D0-06AR , < 2.72 (custom)
Affected: D0-06AA , < 2.72 (custom)
Affected: D0-06DD1-D , < 2.72 (custom)
Affected: D0-06DD2-D , < 2.72 (custom)
Affected: D0-06DR-D , < 2.72 (custom)
Create a notification for this product.
Date Public
2022-06-16 00:00
Credits
Sam Hanson of Dragos reported this vulnerability to CISA.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:24:43.769Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-2004",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T15:54:35.593506Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T16:11:14.677Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DirectLOGIC D0-06 series CPUs",
          "vendor": "AutomationDirect",
          "versions": [
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06DD1",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06DD2",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06DR",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06DA",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06AR",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06AA",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06DD1-D",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06DD2-D",
              "versionType": "custom"
            },
            {
              "lessThan": "2.72",
              "status": "affected",
              "version": "D0-06DR-D",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Sam Hanson of Dragos reported this vulnerability to CISA."
        }
      ],
      "datePublic": "2022-06-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-31T15:59:33.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "AutomationDirect recommends users upgrade to firmware Version 2.72 or later for all DL06 CPUs for CVE-2022-2002.\n\nAdditional brute force mitigation for password access has also been added. Three incorrect password entries will result in a three hour lock out of password entry. Power cycle will allow subsequent password attempts.\n\nPlease see the security network practices below for CVE-2022-2004.\nWhile automation networks and systems have built-in password protection schemes, this is only one step in securing the affected systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products, and other SCADA system products perform independent network security analysis to determine the proper level of security required for the application.\n\nAutomationDirect has identified the specific mitigation actions listed below:\n\nSecure physical access.\nIsolate and air gap networks when possible.\nConsider some of the AutomationDirect newer PLC families."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "AutomationDirect DirectLOGIC with Ethernet Communication Uncontrolled Resource Consumption",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "DATE_PUBLIC": "2022-06-16T17:00:00.000Z",
          "ID": "CVE-2022-2004",
          "STATE": "PUBLIC",
          "TITLE": "AutomationDirect DirectLOGIC with Ethernet Communication Uncontrolled Resource Consumption"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DirectLOGIC D0-06 series CPUs",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06DD1",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06DD2",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06DR",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06DA",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06AR",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06AA",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06DD1-D",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06DD2-D",
                            "version_value": "2.72"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "D0-06DR-D",
                            "version_value": "2.72"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "AutomationDirect"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Sam Hanson of Dragos reported this vulnerability to CISA."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;"
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400 Uncontrolled Resource Consumption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03",
              "refsource": "CONFIRM",
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "AutomationDirect recommends users upgrade to firmware Version 2.72 or later for all DL06 CPUs for CVE-2022-2002.\n\nAdditional brute force mitigation for password access has also been added. Three incorrect password entries will result in a three hour lock out of password entry. Power cycle will allow subsequent password attempts.\n\nPlease see the security network practices below for CVE-2022-2004.\nWhile automation networks and systems have built-in password protection schemes, this is only one step in securing the affected systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products, and other SCADA system products perform independent network security analysis to determine the proper level of security required for the application.\n\nAutomationDirect has identified the specific mitigation actions listed below:\n\nSecure physical access.\nIsolate and air gap networks when possible.\nConsider some of the AutomationDirect newer PLC families."
          }
        ],
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2022-2004",
    "datePublished": "2022-08-31T15:59:33.591Z",
    "dateReserved": "2022-06-06T00:00:00.000Z",
    "dateUpdated": "2025-04-16T16:11:14.677Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-2004",
      "date": "2026-06-03",
      "epss": "0.00137",
      "percentile": "0.33308"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-2004\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2022-08-31T16:15:10.460\",\"lastModified\":\"2024-11-21T07:00:09.590\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;\"},{\"lang\":\"es\",\"value\":\"AutomationDirect DirectLOGIC es vulnerable a un paquete especialmente dise\u00f1ado puede ser enviado continuamente al PLC para evitar el acceso de DirectSoft y otros dispositivos, causando una condici\u00f3n de denegaci\u00f3n de servicio. Este problema afecta a: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versiones anteriores a 2.72; D0-06DD2 versiones anteriores a 2.72; D0-06DR versiones anteriores a 2.72; D0-06DA versiones anteriores a 2.72; D0-06AR versiones anteriores a 2.72; D0-06AA versiones anteriores a 2.72; D0-06DD1-D versiones anteriores a 2.72; D0-06DD2-D versiones anteriores a 2.72; D0-06DR-D versiones anteriores a 2.72;\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:d0-06dd1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.72\",\"matchCriteriaId\":\"5AFBA65E-338B-4236-BCA6-FA305930A8F4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:d0-06dd1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F961CF86-3277-4EDB-A5B2-7EB305BACCD6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:d0-06dd2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.72\",\"matchCriteriaId\":\"8FDFC703-2915-4CF7-97A8-BE4F2007E4F9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:d0-06dd2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E91FF447-5939-4521-915E-517F0E16B0A6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:d0-06dr_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.72\",\"matchCriteriaId\":\"3C2B1AF8-9448-428E-8FF3-D862C66241B0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:d0-06dr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BEE237B-5775-4610-B431-44E124D880A0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:d0-06da_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.72\",\"matchCriteriaId\":\"0567F254-00C6-4B3F-A24A-C5605B9A1A6F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:d0-06da:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"677B72A1-2582-4635-900A-F99192633727\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:d0-06ar_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.72\",\"matchCriteriaId\":\"0D5F91FD-8F20-4BCF-9F0B-3E3A3029A31A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:d0-06ar:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E373157-8264-49FE-AB64-4C5B46BC7DB5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:d0-06aa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.72\",\"matchCriteriaId\":\"86D28B71-15E7-43F4-90F4-A5CD1081C05F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:d0-06aa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13D409FE-21AA-48B6-83EF-2F5205649538\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:d0-06dd1-d_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.72\",\"matchCriteriaId\":\"E5751A9A-844A-48C6-A0DB-9BFE1A5E5285\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:d0-06dd1-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9112C3CC-5D82-44AC-8F6D-0F57EE4D6199\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:d0-06dd2-d_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.72\",\"matchCriteriaId\":\"F1E5DC0D-DF94-4FF0-B831-22288823B80B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:d0-06dd2-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57D5814E-B776-43BF-84F6-17A366350F57\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:d0-06dr-d_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.72\",\"matchCriteriaId\":\"440477AD-8CCA-4F8E-ADA4-DF6B2C973B2F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:d0-06dr-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B38DA966-2520-44AB-9DC0-680A0F578177\"}]}]}],\"references\":[{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T00:24:43.769Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-2004\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-16T15:54:35.593506Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-16T15:54:37.448Z\"}}], \"cna\": {\"title\": \"AutomationDirect DirectLOGIC with Ethernet Communication Uncontrolled Resource Consumption\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"Sam Hanson of Dragos reported this vulnerability to CISA.\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"AutomationDirect\", \"product\": \"DirectLOGIC D0-06 series CPUs\", \"versions\": [{\"status\": \"affected\", \"version\": \"D0-06DD1\", \"lessThan\": \"2.72\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"D0-06DD2\", \"lessThan\": \"2.72\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"D0-06DR\", \"lessThan\": \"2.72\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"D0-06DA\", \"lessThan\": \"2.72\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"D0-06AR\", \"lessThan\": \"2.72\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"D0-06AA\", \"lessThan\": \"2.72\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"D0-06DD1-D\", \"lessThan\": \"2.72\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"D0-06DD2-D\", \"lessThan\": \"2.72\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"D0-06DR-D\", \"lessThan\": \"2.72\", \"versionType\": \"custom\"}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"AutomationDirect recommends users upgrade to firmware Version 2.72 or later for all DL06 CPUs for CVE-2022-2002.\\n\\nAdditional brute force mitigation for password access has also been added. Three incorrect password entries will result in a three hour lock out of password entry. Power cycle will allow subsequent password attempts.\\n\\nPlease see the security network practices below for CVE-2022-2004.\\nWhile automation networks and systems have built-in password protection schemes, this is only one step in securing the affected systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products, and other SCADA system products perform independent network security analysis to determine the proper level of security required for the application.\\n\\nAutomationDirect has identified the specific mitigation actions listed below:\\n\\nSecure physical access.\\nIsolate and air gap networks when possible.\\nConsider some of the AutomationDirect newer PLC families.\"}], \"datePublic\": \"2022-06-16T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2022-08-31T15:59:33.000Z\"}, \"x_legacyV4Record\": {\"credit\": [{\"lang\": \"eng\", \"value\": \"Sam Hanson of Dragos reported this vulnerability to CISA.\"}], \"impact\": {\"cvss\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, \"source\": {\"discovery\": \"UNKNOWN\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_name\": \"D0-06DD1\", \"version_value\": \"2.72\", \"version_affected\": \"\u003c\"}, {\"version_name\": \"D0-06DD2\", \"version_value\": \"2.72\", \"version_affected\": \"\u003c\"}, {\"version_name\": \"D0-06DR\", \"version_value\": \"2.72\", \"version_affected\": \"\u003c\"}, {\"version_name\": \"D0-06DA\", \"version_value\": \"2.72\", \"version_affected\": \"\u003c\"}, {\"version_name\": \"D0-06AR\", \"version_value\": \"2.72\", \"version_affected\": \"\u003c\"}, {\"version_name\": \"D0-06AA\", \"version_value\": \"2.72\", \"version_affected\": \"\u003c\"}, {\"version_name\": \"D0-06DD1-D\", \"version_value\": \"2.72\", \"version_affected\": \"\u003c\"}, {\"version_name\": \"D0-06DD2-D\", \"version_value\": \"2.72\", \"version_affected\": \"\u003c\"}, {\"version_name\": \"D0-06DR-D\", \"version_value\": \"2.72\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"DirectLOGIC D0-06 series CPUs\"}]}, \"vendor_name\": \"AutomationDirect\"}]}}, \"solution\": [{\"lang\": \"en\", \"value\": \"AutomationDirect recommends users upgrade to firmware Version 2.72 or later for all DL06 CPUs for CVE-2022-2002.\\n\\nAdditional brute force mitigation for password access has also been added. Three incorrect password entries will result in a three hour lock out of password entry. Power cycle will allow subsequent password attempts.\\n\\nPlease see the security network practices below for CVE-2022-2004.\\nWhile automation networks and systems have built-in password protection schemes, this is only one step in securing the affected systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products, and other SCADA system products perform independent network security analysis to determine the proper level of security required for the application.\\n\\nAutomationDirect has identified the specific mitigation actions listed below:\\n\\nSecure physical access.\\nIsolate and air gap networks when possible.\\nConsider some of the AutomationDirect newer PLC families.\"}], \"data_type\": \"CVE\", \"generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"references\": {\"reference_data\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03\", \"name\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"AutomationDirect DirectLOGIC is vulnerable to a a specially crafted packet can be sent continuously to the PLC to prevent access from DirectSoft and other devices, causing a denial-of-service condition. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-400 Uncontrolled Resource Consumption\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-2004\", \"STATE\": \"PUBLIC\", \"TITLE\": \"AutomationDirect DirectLOGIC with Ethernet Communication Uncontrolled Resource Consumption\", \"ASSIGNER\": \"ics-cert@hq.dhs.gov\", \"DATE_PUBLIC\": \"2022-06-16T17:00:00.000Z\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-2004\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-16T16:11:14.677Z\", \"dateReserved\": \"2022-06-06T00:00:00.000Z\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"datePublished\": \"2022-08-31T15:59:33.591Z\", \"assignerShortName\": \"icscert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.