CVE-2022-2003
HIGH EXPLOITEDAutomationDirect DirectLOGIC D0-06 Series < 2.72 - Cleartext Password Exposure via Serial Port
Title source: llmExploitation Summary
CVE-2022-2003 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU serial port that will cause the PLC to respond with the PLC password in cleartext. This could allow an attacker to access and make unauthorized changes. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;
References (2)
Core 2
Core References
Patch, Third Party Advisory, US Government Resource x_refsource_confirm
https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-02
Patch, Third Party Advisory, US Government Resource x_refsource_confirm
https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03
Scores
CVSS v3
7.7
EPSS
0.0060
EPSS Percentile
43.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
VulnCheck KEV
2022-07-14
CWE
CWE-319
Status
published
Products (9)
automationdirect/d0-06aa_firmware
< 2.72
automationdirect/d0-06ar_firmware
< 2.72
automationdirect/d0-06da_firmware
< 2.72
automationdirect/d0-06dd1-d_firmware
< 2.72
automationdirect/d0-06dd1_firmware
< 2.72
automationdirect/d0-06dd2-d_firmware
< 2.72
automationdirect/d0-06dd2_firmware
< 2.72
automationdirect/d0-06dr-d_firmware
< 2.72
automationdirect/d0-06dr_firmware
< 2.72
Published
Aug 31, 2022
Tracked Since
Feb 18, 2026