Rockwell Automation PLCÉí·ÝÑéÖ¤ÈƹýÎó²î£¨CVE-2021-22681£©

Ðû²¼Ê±¼ä 2021-03-01

0x00 Îó²î¸ÅÊö

CVE  ID

CVE-2021-22681

ʱ  ¼ä

2021-03-01

Àà   ÐÍ

Éí·ÝÑéÖ¤Èƹý

µÈ  ¼¶

ÑÏÖØ

Ô¶³ÌʹÓÃ

ÊÇ

Ó°Ïì¹æÄ£


 

0x01 Îó²îÏêÇé

image.png

2021Äê02ÔÂ25ÈÕ£¬£¬£¬£¬£¬£¬£¬CISAÐû²¼Ç徲ͨ¸æ£¬£¬£¬£¬£¬£¬£¬ÃÀ¹úÂÞ¿ËΤ¶û£¨Rockwell Automation£©¹«Ë¾µÄRSLogix5000¡¢Studio 5000 Logix DesignerÈí¼þºÍRockwell Logix ControllersÖб£´æÒ»¸öÑÏÖصÄÉí·ÝÑéÖ¤ÈƹýÎó²î£¨CVE-2021-22681£©£¬£¬£¬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSv3ÆÀ·ÖΪ10.0¡£¡£¡£

Rockwell AutomationÊÇÈ«Çò×î´óµÄ×Ô¶¯»¯ºÍÐÅÏ¢»¯¹«Ë¾Ö®Ò»¡£¡£¡£RSLogix 5000ºÍStudio 5000 Logix DesignerÊÇÓÃÓÚ¹¤Òµ¿ØÖÆϵͳµÄ±à³ÌÈí¼þ£¬£¬£¬£¬£¬£¬£¬CompactLogix¡¢DriveLogiºÍCompact GuardLogixµÈÊÇRockwell¹«Ë¾Ñз¢µÄLogix ¿ØÖÆÆ÷¡£¡£¡£

ÓÉÓÚLogix DesignerʹÓÃÁ˲»Çå¾²µÄ˽ԿÀ´ÑéÖ¤Óë¿ØÖÆÆ÷µÄͨѶ£¬£¬£¬£¬£¬£¬£¬Ô¶³Ì¹¥»÷Õß¿ÉÒÔʹÓôËÎó²îÈƹýÑéÖ¤»úÖƲ¢ÓëLogix¿ØÖÆÆ÷ÅþÁ¬£¬£¬£¬£¬£¬£¬£¬»òÕßͨ¹ýʹÓôËÎó²îʹÓÃδÊÚȨµÄµÚÈý·½¹¤¾ßÀ´¸ü¸Ä¿ØÖÆÆ÷µÄÉèÖûòÓ¦ÓóÌÐò´úÂ룬£¬£¬£¬£¬£¬£¬¶øÎÞÐè¾­ÓÉÉí·ÝÑéÖ¤¡£¡£¡£

 

Ó°Ïì¹æÄ£

Rockwell software£º

RSLogix 5000£º°æ±¾16-20

Studio 5000 Logix Designer£º°æ±¾21¼°¸ü¸ß°æ±¾

Rockwell Logix Controllers£º

CompactLogix 1768

CompactLogix 1769

CompactLogix 5370

CompactLogix 5380

CompactLogix 5480

ControlLogix 5550

ControlLogix 5560

ControlLogix 5570

ControlLogix 5580

DriveLogix 5560

DriveLogix 5730

DriveLogix 1794-L34

Compact GuardLogix 5370

Compact GuardLogix 5380

GuardLogix 5570

GuardLogix 5580

SoftLogix 5800

  

0x02 ´¦Öóͷ£½¨Òé

ÏÖÔÚCISAÒѾ­Ðû²¼Á˸ÃÎó²îµÄ»º½â²½·¥£¬£¬£¬£¬£¬£¬£¬ÏêÇéÇë²Î¿¼ÒÔÏÂÁ´½Ó£º

https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03

¹Ù·½Çå¾²±¨¸æÁ´½ÓÈçÏ£º

https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1130301

 

0x03 ²Î¿¼Á´½Ó

https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03

https://securityaffairs.co/wordpress/115085/ics-scada/rockwell-automation-software-flaw.html?

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22681

 

0x04 ʱ¼äÏß

2021-02-25  CISAÐû²¼Ç徲ͨ¸æ

2021-03-01  VSRCÐû²¼Ç徲ͨ¸æ

 

0x05 ¸½Â¼

 

CVSSÆÀ·Ö±ê×¼¹ÙÍø£ºhttp://www.first.org/cvss/

image.png