Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers

Risk Summary

Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to input a malicious link redirecting users to a malicious website.

CVEs (1)

Remediations

• Rockwell Automation has released a security advisory with mitigation steps that can be found at:
• Rockwell Automation recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
• Update to the latest available firmware revision that addresses the associated risk.
• Use trusted software, software patches, anti-virus/anti-malware programs, and interact only with trusted websites and attachments.
• Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.
• Locate control system networks and devices behind firewalls and isolate them from the business network.
• When remote access is required, use secure methods such as virtual private networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. VPN is only as secure as the connected devices.
• Employ training and awareness programs to educate users on the warning signs of a phishing or social engineering attack.

Affected Vendors

Affected Products (6)

Affected Sectors

Critical Manufacturing