Rockwell Automation Stratix 5100 (Update A) (ICSA-17-299-02) – Product Used in the Water and Wastewater and Energy Sectors

November 1, 2018

The NCCIC has updated this advisory with additional information on mitigation measures. NCCIC/ICS-CERT.

October 26, 2017

ICS-CERT has released an advisory on a Rockwell Automation Stratix 500 vulnerability. Stratix 5100 version 15.3(3)JC1 and earlier are affected. Successful exploitation of this vulnerability may allow the attacker to operate as a “man-in-the-middle” between the device and the wireless network. Rockwell Automation recommends that all users patch the clients that connect to the Stratix 5100 WAP/WGB. ICS-CERT.