Rockwell Automation FactoryTalk and RSLinx Vulnerabilities

CVSS 10.0 CRITICAL

CVEs (7)

CVE-2012-4695 CVE-2012-4713 CVE-2012-4714 CVE-2012-4715 CVE-2013-2805 CVE-2013-2806 CVE-2013-2807

Rockwell Automation’s recommendation to asset owners using FTSP or RSLinx CPR9 through CPR9-SR4 is to upgrade to CPR9-SR5 or newer. Rockwell Automation also recommends that all asset owners using FTSP or RSLinx CPR9-SR5 and newer should apply the correlating patch for the version they are using.
The patches and details pertaining to these vulnerabilities can be found at the following Rockwell Automation Security Advisory link (login is required): (https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599)
In addition, asset owners can find security information for other Rockwell Automation products at the Security Advisory Index page link below (login is required): (https://rockwellautomation.custhelp.com/app/answers/detail/a_id/54102)

Rockwell Automation

Rockwell Automation · FactoryTalk Services Platform and RSLinx Enterprise CPR9

Rockwell Automation · FactoryTalk Services Platform and RSLinx Enterprise CPR9-SR1

Rockwell Automation · FactoryTalk Services Platform and RSLinx Enterprise CPR9-SR2

Rockwell Automation · FactoryTalk Services Platform and RSLinx Enterprise CPR9-SR3

Rockwell Automation · FactoryTalk Services Platform and RSLinx Enterprise CPR9-SR4

Rockwell Automation · FactoryTalk Services Platform and RSLinx Enterprise CPR9-SR5

Rockwell Automation · FactoryTalk Services Platform and RSLinx Enterprise CPR9-SR5.1

Rockwell Automation · FactoryTalk Services Platform and RSLinx Enterprise CPR9-SR6

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.