ICSA-18-107-03_Rockwell Automation Stratix Services Router

CVEs (4)

Remediations

• Rockwell Automation has released knowledge base article 1073313
• Cisco has released Snort Rules 46110 and 46111 to help address CVE-2018-0158 and CVE-2018-0151.
• Help minimize network exposure for all control system devices and/or systems, and confirm that they are not accessible from the Internet.
• Locate control system networks and devices behind firewalls, and isolate them from the business network.
• When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.
• CVE-2018-0151: Users who do not use the Adaptive QoS for DMVPN feature can deny all traffic destined to UDP port 18999 on an affected device by using a Control Plane Policing (CoPP) policy. If the Adaptive QoS for DMVPN feature is later configured, the device must be upgraded to an unaffected release of Cisco IOS Software or Cisco IOS XE Software and the CoPP policy must be removed.
• CVE-2018-0167 and CVE-2018-0175 have no specific mitigations in place.

Affected Vendors

Affected Products (1)