You are here

rockwell automation

Rockwell Automation Arena (ICSA-18-130-02)

The NCCIC has released an advisory on a vulnerability in Rockwell Automation Arena. Versions 15.10.00 and prior are affected. Successful exploitation of this vulnerability could cause the software application to crash. Rockwell Automation encourages affected users to upgrade to the latest version of Arena software, 15.10.01 (or later). The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.

Rockwell Automation Stratix Industrial Managed Ethernet Switch (ICSA-18-107-05) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC/ICS-CERT has released an advisory on vulnerabilities in Rockwell Automation Stratix Industrial Managed Ethernet Switch. Allen-Bradley Stratix 8300 Industrial Managed Ethernet Switches, versions 15.2(4a)EA5 and earlier, are affected. Successful exploitation of these vulnerabilities could result in loss of availability, confidentiality, and/or integrity caused by memory exhaustion, module restart, information corruption, and/or information exposure. Rockwell Automation has released knowledge base article 1073315 and recommends implementing a series of mitigations.

Rockwell Automation Stratix and ArmorStratix Switches (ICSA-18-107-04) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC/ICS-CERT has released an advisory on vulnerabilities in Rockwelll Automation Stratix and ArmorStratix Switches. Numerous versions of these products are affected. Successful exploitation of these vulnerabilities could result in loss of availability, confidentiality, and/or integrity caused by memory exhaustion, module restart, information corruption, and/or information exposure. Rockwell Automation recommends users upgrade to FRN 15.2(6)E1 or later.

Rockwell Automation Stratix Services Router (ICSA-18-107-03) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC/ICS-CERT has released an advisory on vulnerabilities in Rockwelll Automation Stratix Services Router. Allen-Bradley Stratix 5900 Services Router, versions 15.6.3M1 and earlier, are affected. Successful exploitation of these vulnerabilities could result in loss of availability, confidentiality, and/or integrity caused by memory exhaustion, module restart, information corruption, and/or information exposure.

Rockwell Automation MicroLogix (ICSA-18-095-01) – Products Used in the Water and Wastewater Sector

The NCCIC/ICS-CERT has released an advisory on vulnerabilities in Rockwell Automation MicroLogix. MicroLogix 1400 versions FRN 21.003 and prior and MicroLogix 1100 versions FRN 16.00 and prior are affected. Successful exploitation of these vulnerabilities could cause denial of service, disclosure of sensitive information, communication loss, and modification of settings or ladder logic. Rockwell Automation has recommended a series of mitigation strategies for these vulnerabilities.

Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers (ICSA-18-009-01) – Product Used in the Water and Wastewater Sector

ICS-CERT has released an advisory on a Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers vulnerability. Multiple versions of this product are affected. Successful exploitation of this vulnerability could cause the device that the attacker is accessing to become unresponsive to Modbus TCP communications and affect the availability of the device. Rockwell Automation encourages affected users to upgrade to the latest version of available firmware, FRN 21.003. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability.

Subscribe to rockwell automation