Rockwell Automation Connected Components Workbench ActiveX Component Vulnerabilities

CVEs (1)

Remediations

• Rockwell Automation has verified the validity of the vulnerabilities and released a new software build, Version 7.00.00, to address associated risk. This new software version resolves the vulnerabilities present in previous versions of CCW software. All customers using CCW software prior to Version 7.00.00 are strongly encouraged to upgrade to Version 7.00.00 or higher at their earliest convenience.
• The Rockwell Automation Support Center has published “626689 – Connected Components Workbench (CCW) ActiveX Component Vulnerability.” This document contains technical information about these vulnerabilities, risk mitigation, remediation actions, a URL link to obtain the new software, and installation instructions. You must be a registered user to access this web site: (https://rockwellautomation.custhelp.com/app/answers/detail/a_id/626689)
• Rockwell Automation directs concerned customers to refer to the following URL for comprehensive information about implementing best practices and recommendations on validated architectures: (http://www.rockwellautomation.com/rockwellautomation/products-technologies/network-technology/architectures.page)
• Rockwell Automation also recommends concerned customers to continue to monitor: Rockwell Automation’s Security Advisory Index (AID:54102) - (https://rockwellautomation.custhelp.com/app/answers/detail/a_id/54102)
• (http://www.rockwellautomation.com/security) for new and relevant information relating to this matter.

Affected Vendors

Affected Products (1)