Rockwell Automation controllers impacted by numerous bugs

SecurityWeek reports that Rockwell Automation controllers are affected by four high-severity security flaws, which the Cybersecurity and Infrastructure Security Agency covered in advisories last week. Threat actors could exploit CVE-2022-3156 in Rockwell Automation's Studio 5000 Logix Emulate controller emulation software to achieve remote code execution, while the second flaw, tracked as CVE-2022-3157, could be leveraged for denial-of-service attacks on CompactLogix, GuardLogix, and ControlLogix controllers. Meanwhile, MicroLogix 1100 and 1400 programmable logic controllers are affected by a stored cross-site scripting flaw, tracked as CVE-2022-46670, which could be abused for unauthenticated remote code execution. "The payload is transferred to the controller over SNMP and is rendered on the homepage of the embedded website," said Rockwell. MicroLogix PLCs are also affected by a clickjacking vulnerability, tracked as CVE-2022-3166. Rockwell has already issued patches for the first two bugs and has provided mitigations for the MicroLogix PLC flaws.
