ICSA-17-054-02
·
Published 2017-02-23
·
View on CISA ICS-CERT ↗
Red Lion Controls Sixnet-Managed Industrial Switches, AutomationDirect STRIDE-Managed Ethernet Switches Vulnerability
CVSS 10.0
CRITICAL
Risk Summary
ATTENTION: Remotely exploitable. Low skill level is needed to exploit.
CVEs (1)
Remediations
- Red Lion Controls has released SLX firmware Version 5.3.174 to address the hard-coded cryptographic keys issue.
- Red Lion Controls recommends updating to SLX firmware Version 5.3.174, found here:
- Automation Direct recommends updating to Stride Managed Ethernet firmware Version 5.3.174, found here:
Affected Vendors
Red Lion, AutomationDirect
Affected Products (2)
Red Lion, AutomationDirect
·
Stride-Managed Ethernet Switches running firmware
<= 5.0.190
Red Lion, AutomationDirect
·
Sixnet-Managed Industrial Switches running firmware
<= 5.0.196
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more