You are here

Rockwell Automation Stratix Industrial Managed Ethernet Switch (ICSA-18-107-05) – Products Used in the Water and Wastewater and Energy Sectors

Rockwell Automation Stratix Industrial Managed Ethernet Switch (ICSA-18-107-05) – Products Used in the Water and Wastewater and Energy Sectors

Created: Wednesday, April 18, 2018 - 17:45
Categories:
Cybersecurity

The NCCIC/ICS-CERT has released an advisory on vulnerabilities in Rockwell Automation Stratix Industrial Managed Ethernet Switch. Allen-Bradley Stratix 8300 Industrial Managed Ethernet Switches, versions 15.2(4a)EA5 and earlier, are affected. Successful exploitation of these vulnerabilities could result in loss of availability, confidentiality, and/or integrity caused by memory exhaustion, module restart, information corruption, and/or information exposure. Rockwell Automation has released knowledge base article 1073315 and recommends implementing a series of mitigations. Cisco has released new Snort Rules to help address the following vulnerabilities. The NCCIC/ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.