CVE-2022-1161

Name: CVE-2022-1161
Creator: NVD / NIST
Published: 2022-04-11T20:15:18.017+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

CRITICALCVSS 9.8/10EPSS 4.87%

Last modified Jun 17, 2026

CVE-2022-1161 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other.. EPSS estimates a 4.87% chance of exploitation in the next 30 days.

Description

An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to change one and not the other.

Metrics

CVSS 3.1

9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

4.87%

90.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-829

Affected Software

Vendor	Product	Versions
Rockwellautomation	Compactlogix 1768-L43 Firmware	All versions
Rockwellautomation	Compactlogix 1768-L45 Firmware	All versions
Rockwellautomation	Compactlogix 1769-L31 Firmware	All versions
Rockwellautomation	Compactlogix 1769-L32c Firmware	All versions
Rockwellautomation	Compactlogix 1769-L32e Firmware	All versions
Rockwellautomation	Compactlogix 1769-L35cr Firmware	All versions
Rockwellautomation	Compactlogix 1769-L35e Firmware	All versions
Rockwellautomation	Compactlogix 5370 L3 Firmware	All versions
Rockwellautomation	Compactlogix 5370 L2 Firmware	All versions
Rockwellautomation	Compactlogix 5370 L1 Firmware	All versions
Rockwellautomation	Compactlogix 5380 Firmware	All versions
Rockwellautomation	Compactlogix 5480 Firmware	All versions
Rockwellautomation	Compact Guardlogix 5370 Firmware	All versions
Rockwellautomation	Compact Guardlogix 5380 Firmware	All versions
Rockwellautomation	Controllogix 5550 Firmware	All versions
Rockwellautomation	Controllogix 5560 Firmware	All versions
Rockwellautomation	Controllogix 5570 Firmware	All versions
Rockwellautomation	Controllogix 5580 Firmware	All versions
Rockwellautomation	Guardlogix 5560 Firmware	All versions
Rockwellautomation	Guardlogix 5570 Firmware	All versions
Rockwellautomation	Guardlogix 5580 Firmware	All versions
Rockwellautomation	Flexlogix 1794-L34 Firmware	All versions
Rockwellautomation	Drivelogix 5730 Firmware	All versions
Rockwellautomation	Softlogix 5800 Firmware	All versions

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-05Third Party Advisory, US Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-05Third Party Advisory, US Government Resource

Timeline

Published: Apr 11, 2022
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2022-1161?

How severe is CVE-2022-1161?

CVE-2022-1161 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 4.87% probability of exploitation in the next 30 days.

How do I fix CVE-2022-1161?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2022-1161?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST