Rockwell Automation FactoryTalk Linx Software (Update A)

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition, obtain remote code execution, and read sensitive information.

CVEs (3)

Remediations

• Patch Roll-up for CPR9 SRx (Login Required)
• FactoryTalk Linx/Services patch RAID# 1124820 (Login Required)
• FactoryTalk Linx patch RAID# 1126433 (Login Required)
• Block all traffic to EtherNet/IP or other CIP protocol-based devices from outside the manufacturing zone by blocking or restricting access to TCP Ports 2222, 7153, and UDP Port 44818 using proper network infrastructure controls, such as firewalls, UTM devices, or other security appliances. For more information on TCP/UDP ports used by Rockwell Automation products, see Knowledgebase Article ID 898270
• Locate control system networks and devices behind firewalls and isolate them from the business network.
• When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.
• For more information, please refer to Rockwell Automation's security advisory: 54102-Industrial Security Advisory Index.

Affected Vendors

Affected Products (9)

Affected Sectors

Critical Manufacturing, Energy, Water and Wastewater Systems