ICSA-17-047-01
·
Published 2017-03-21
·
View on CISA ICS-CERT ↗
Rockwell Automation Connected Components Workbench
CVSS 7.0
HIGH
Risk Summary
Vendor: Rockwell Automation
CVEs (1)
Remediations
- Rockwell Automation has released a new version of Connected Components Workbench, Version 10.00 and Version 10.01 (All supported languages) which addresses the identified vulnerability.
- Rockwell Automation recommends updating to the latest version of Connected Components Workbench, Version 10.00 or later
- For more information on this vulnerability and more detailed mitigation instructions, please see Rockwell Automation advisory labeled Connected Components Workbench Software Dynamic Link Library (DLL) Hijack Version 1.0, February 16, 2017
Affected Vendors
Rockwell Automation
Affected Products (8)
Rockwell Automation
·
Connected Components Workbench - Developer Edition 9328-CCWDEVDEE
<= 9.01.00
Rockwell Automation
·
Connected Components Workbench - Developer Edition 9328-CCWDEVITE
<= 9.01.00
Rockwell Automation
·
Connected Components Workbench - Developer Edition 9328-CCWDEVESE
<= 9.01.00
Rockwell Automation
·
Connected Components Workbench - Developer Edition 9328-CCWDEVZHE
<= 9.01.00
Rockwell Automation
·
Connected Components Workbench - Free Standard Edition (All Supported Languages)
<= 9.01.00
Rockwell Automation
·
Connected Components Workbench - Developer Edition 9328-CCWDEVFRE
<= 9.01.00
Rockwell Automation
·
Connected Components Workbench - Developer Edition 9328-CCWDEVENE
<= 9.01.00
Rockwell Automation
·
Connected Components Workbench - Developer Edition 9328-CCWDEVPTE
<= 9.01.00
Affected Sectors
Commercial Facilities, Defense Industrial Base, Energy, and Government Facilities
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more