CVE-2022-3166
CVE-2022-3166 is a high-severity vulnerability in Rockwellautomation Micrologix 1100 Firmware with a CVSS 3.x base score of 7.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-924.
Key facts
- Severity: High (CVSS 3.x base score 7.5)
- EPSS exploit prediction: 1% (48th percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-924
- Affected product: Rockwellautomation Micrologix 1100 Firmware
- Published:
- Last modified:
Description
Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability could be exploited by an attacker with network access to the affected systems by sending TCP packets to webserver and closing it abruptly which would cause a denial-of-service condition for the web server application on the device
Frequently asked questions
- What is CVE-2022-3166?
- Rockwell Automation was made aware that the webservers of the Micrologix 1100 and 1400 controllers contain a vulnerability that may lead to a denial-of-service condition. The security vulnerability could be exploited by an attacker with network access to the affected systems by sending TCP packets to webserver and closing it abruptly which would cause a denial-of-service condition for the web server application on the device
- How severe is CVE-2022-3166?
- CVE-2022-3166 has a CVSS 3.x base score of 7.5, rated high severity. It is exploitable over network with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity none, and availability high.
- Is CVE-2022-3166 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (48th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2022-3166?
- CVE-2022-3166 primarily affects Rockwellautomation Micrologix 1100 Firmware. In total, 2 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2022-3166?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- When was CVE-2022-3166 published?
- CVE-2022-3166 was published on 2022-12-16 and last updated on 2026-06-17.
References
Affected products (2)
- cpe:2.3:o:rockwellautomation:micrologix_1100_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:-:*:*:*:*:*:*:*
More vulnerabilities in Rockwellautomation Micrologix 1100 Firmware
- CVE-2020-6990 — Critical (CVSS 9.8): Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100…
- CVE-2015-6490 — Critical (CVSS 9.8): Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices through B FRN…
- CVE-2021-33012 — High (CVSS 8.6): Rockwell Automation MicroLogix 1100, all versions, allows a remote, unauthenticated attacker sending specially crafted…
- CVE-2020-6988 — High (CVSS 7.5): Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100…
- CVE-2020-6984 — High (CVSS 7.5): Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100…
- CVE-2015-6492 — High (CVSS 7.5): Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote attackers…
All CVEs affecting Rockwellautomation Micrologix 1100 Firmware →
Other CWE-924 vulnerabilities
- CVE-2025-29628 — Critical (CVSS 9.4): A Gardyn Azure IoT Hub connection string is downloaded over an insecure HTTP connection in Gardyn Home Kit firmware…
- CVE-2024-44730 — Critical (CVSS 9.1): Incorrect access control in the function handleDataChannelChat(dataMessage) of Mirotalk before commit c21d58 allows…
- CVE-2020-5869 — Critical (CVSS 9.1): In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization is not secure by TLS and may allow on-path attackers to…
- CVE-2025-0592 — High (CVSS 8.8): The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by manipulating the…
- CVE-2019-25719 — High (CVSS 8.6): Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors running software versions VG4.1.1,…
- CVE-2021-34793 — High (CVSS 8.6): A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense…