CVE-2022-2003

AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU serial port that will cause the PLC to respond with the PLC password in cleartext. This could allow an attacker to access and make unauthorized changes. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;

Weakness

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

Affected Software

Name	Vendor	Start Version	End Version
D0-06dd1_firmware	Automationdirect	*	2.72 (excluding)

Potential Mitigations

https://cwe.mitre.org/data/definitions/102.html
https://cwe.mitre.org/data/definitions/117.html
https://cwe.mitre.org/data/definitions/383.html
https://cwe.mitre.org/data/definitions/477.html
https://cwe.mitre.org/data/definitions/65.html

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-02
https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03
https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-02
https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03

NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-2003
CWE	https://cwe.mitre.org/data/definitions/319.html

Cleartext Transmission of Sensitive Information

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References