← Back to home
ICSA-19-190-02  ·  Published 2019-07-09  ·  View on CISA ICS-CERT ↗

Rockwell Automation PanelView 5510

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow a remote unauthenticated user to gain root privileges on the device.

CVEs (1)

Remediations

  • Rockwell Automation reports users using PanelView 5510 with manufacturing dates prior to March 13, 2019, are encouraged to update to an available revision that addresses the associated risk.
  • For PanelView 5510 using v4, apply v4.003 or later and for PanelView 5510 using v5, apply v5.002 or later. Updates are available at:
  • Block all traffic to EtherNet/IP or other CIP protocol-based devices from outside the manufacturing zone by blocking or restricting access to Ports 2222 and 44818/TCP and UDP using proper network infrastructure controls, such as firewalls, UTM devices, or other security appliances.
  • Use trusted software, software patches, antivirus/anti-malware programs, and interact only with trusted websites and attachments.
  • For more information see Rockwell Automation security advisory 1088080 found at:

Affected Vendors

Rockwell Automation

Affected Products (1)

Rockwell Automation · PanelView 5510 < March 13, 2019 | < 4.003 | < 5.002

Affected Sectors

Critical Manufacturing, Food and Agriculture, Transportation, Water and Wastewater Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more