ICSA-15-132-02  ·  Published 2025-06-06  ·  View on CISA ICS-CERT ↗

Rockwell Automation RSView32 Weak Encryption Algorithm on Passwords

CVSS 4.9 MEDIUM

CVEs (1)

Remediations

  • The software patch released by Rockwell Automation for RSView32 mitigates the risk associated with the discovered password vulnerability. Rockwell Automation encourages asset owners/operators using affected versions of RSView32 to deploy this patch and take the additional precautions listed below. View Rockwell Automation Advisory AID 700915 and the accompanying patch at (https://rockwellautomation.custhelp.com/app/answers/detail/a_id/700915) (registered user login required for access)
  • Limit access to assets with RSView32 and other software to only authorized personnel
  • Restrict and segment network access to assets with RSView32 and other software as appropriate
  • Use trusted software and software patches that are obtained only from highly reputable sources
  • Interact with, and only obtain software and software patches from trustworthy web sites
  • Using Microsoft AppLocker or a similar whitelisting application can help mitigate risk. Information on using AppLocker with Rockwell Automation products is available at (https://rockwellautomation.custhelp.com/app/answers/detail/a_id/546989)
  • Follow good network design practices that include network separation and segmentation, use of DMZs with properly configured firewalls to selectively control and monitor traffic passed between zones and systems
  • Maintain layered physical and logical security, defense-in-depth design practices for the ICS
  • Reaffirm with employees the importance of constant vigilance, especially given the ongoing potential for social engineering attacks to manipulate otherwise normal user behaviors
  • Upgrade the affected product to a more contemporary, in-support product and compatible operating system
  • Establish a staged patch management and product upgrade strategy if one does not exist
  • The vendor recommends customers consider upgrading their software and compatible operating systems to more contemporary versions wherever possible. It is also advisable that customers adopt measures to keep products current and patched
  • For customers who must continue to use RSView32, the vendor strongly recommends upgrading the operating system on which the product runs to an RSView32-compatible version that is as current as possible and is still supported by the manufacturer
  • Other vendor information links: (http://www.rockwellautomation.com/rockwellautomation/products-technologies/network-technology/architectures.page) (Rockwell Automation security architecture guidance document); (https://rockwellautomation.custhelp.com/app/answers/detail/a_id/54102); (http://www.rockwellautomation.com/security) (Rockwell Automation Registered Users Security Login)

Affected Vendors

Rockwell Automation

Affected Products (1)

Rockwell Automation · RSView32 <7.60.00_CPR9_SR4
