Rockwell Automation PowerFlex 525 AC Drives (ICSA-19-087-01)

The NCCIC has published an advisory on a resource exhaustion vulnerability in Rockwell Automation PowerFlex 525 AC Drives. PowerFlex 525 AC Drives with embedded EtherNet/IP and Safety Versions 5.001 and earlier are affected. Successful exploitation of this vulnerability could result in resource exhaustion, denial of service, and/or memory corruption. Rockwell Automation has released new firmware to address the vulnerability. The NCCIC also offers a series of measures to address this vulnerability. Read the advisory at NCCIC/ICS-CERT.