Rockwell Automation RSLinx Classic Vulnerability

CVEs (1)

Remediations

• Rockwell Automation has produced a new version, Version 3.73, for RSLinx Classic that includes a new version of OPCTest.exe that mitigates the buffer overflow vulnerability. Rockwell Automation encourages asset owners using the affected software to upgrade to the newest available software version. Rockwell recommends that asset owners implement additional precautions and risk mitigation strategies, when possible, to enhance resilience against similar attacks: Do not open untrusted CSV files with OPCTest.exe
• Limit access to those assets using RSLinx Classic and other software to authorized personnel
• Run all software as User and not as an Administrator
• Restrict network access to assets with RSLinx Classic and other software, as appropriate
• Interact with, and only obtain software and software patches from trustworthy highly reputable sources
• Use Whitelisting applications to help mitigate risk
• Follow good network design practices that include network separation and segmentation
• use DMZs with properly configured firewalls to selectively control and monitor traffic passed between zones and systems
• Maintain layered physical and logical security to implement defense-in-depth design practices for the ICS
• Reaffirm with employees the importance for constant vigilance, especially in regard to the ongoing potential for social engineering attacks to manipulate otherwise normal user behaviors.

Affected Vendors

Affected Products (1)