ICSA-18-184-01 · Published 2018-07-03
Rockwell Automation Allen-Bradley Stratix 5950
CVSS 8.6 (HIGH)
CISA KEV — Known Exploited
Risk Summary
Successful exploitation of these vulnerabilities could allow an attacker to bypass client certification to create connections to the affected device or cause the device to crash.
Remediations
- CVE-2018-0228 — The ASA and FTD configuration commands—set connection per-client-embryonic-max (TCP) and set connection per-client-max (TCP, UDP, and Stream Control Transmission Protocol [SCTP])—can be configured to limit the number of connection requests allowed. Using these configuration parameters can reduce the number of connections and greatly reduce the impact of the DoS attack.
- For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860
- CVE-2018-0227 — No workarounds available
- CVE-2018-0231 — No workarounds available
- CVE-2018-0240 — No workarounds available
- CVE-2018-0296 — Cisco has released Snort Rule 46897
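The CVE-2018-0228 mitigation above only helps on policies where the per-client limits are actually set. The following is an added example, not part of the advisory or of Rockwell/Cisco material: a small audit that reads an ASA-style running-config and reports policy-map classes with no `per-client-max` or `per-client-embryonic-max` value. The sample configuration, its names and its limit values are constructed for illustration.

```python
# Constructed sample of an ASA-style running-config (not from the advisory).
SAMPLE_CONFIG = """\
class-map OT-CLIENTS
 match any
policy-map global_policy
 class OT-CLIENTS
  set connection per-client-max 100 per-client-embryonic-max 50
policy-map DMZ-POLICY
 class DMZ-TRAFFIC
  set connection per-client-max 200
 class LEGACY
  set connection conn-max 5000
"""

LIMITS = ("per-client-max", "per-client-embryonic-max")

def per_client_limits(config):
    """Return {(policy_map, class): {limit_name: value}} for every class."""
    result, policy, cls = {}, None, None
    for line in config.splitlines():
        indent = len(line) - len(line.lstrip(" "))
        words = line.split()
        if not words:
            continue
        if indent == 0:
            # A top-level line opens a new block; only policy-maps matter here.
            is_pmap = words[0] == "policy-map" and len(words) > 1
            policy, cls = (words[1] if is_pmap else None), None
        elif policy and words[0] == "class" and len(words) > 1:
            cls = words[1]
            result[(policy, cls)] = {}
        elif policy and cls and words[:2] == ["set", "connection"]:
            # Keyword/value pairs follow "set connection" on the same line.
            for name, value in zip(words[2::2], words[3::2]):
                if name in LIMITS and value.isdigit():
                    result[(policy, cls)][name] = int(value)
    return result

def missing_limits(config):
    """List (policy_map, class, limit) where the limit is absent or 0."""
    findings = []
    for (policy, cls), limits in per_client_limits(config).items():
        for name in LIMITS:
            if limits.get(name, 0) == 0:  # 0 is the default and means unlimited
                findings.append((policy, cls, name))
    return findings

if __name__ == "__main__":
    for finding in missing_limits(SAMPLE_CONFIG):
        print("no limit set: policy-map %s class %s %s" % finding)
```

A class that sets only `conn-max` is still reported, because that keyword caps total connections rather than connections per client.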
Affected Vendors
Rockwell Automation
Affected Products (4)
- Rockwell Automation · Allen-Bradley Stratix 5950 · 1783-SAD4T0SBK9
- Rockwell Automation · Allen-Bradley Stratix 5950 · 1783-SAD2T2SPK9
- Rockwell Automation · Allen-Bradley Stratix 5950 · 1783-SAD4T0SPK9
- Rockwell Automation · Allen-Bradley Stratix 5950 · 1783-SAD2T2SBK9
Affected Sectors
Critical Manufacturing, Energy, Water and Wastewater Systems