ICSA-21-061-02
·
Published 2021-03-23
·
View on CISA ICS-CERT ↗
Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers (Update A)
CVSS 5.8
MEDIUM
Risk Summary
Successful exploitation of this vulnerability may allow an attacker to send specially crafted CIP packet requests to a controller, which may cause denial-of-service conditions in communications with other products.
CVEs (1)
Remediations
- Rockwell Automation recommends affected users apply firmware v33.011 or later.
- For more information see the Rockwell Automation advisory (login required).
Affected Vendors
Rockwell Automation
Affected Products (7)
Rockwell Automation
·
ControlLogix 5570 controllers
<= 33
Rockwell Automation
·
Compact GuardLogix 5370 controllers
<= 33
Rockwell Automation
·
CompactLogix 5370 L2 controllers
<= 33
Rockwell Automation
·
CompactLogix 5370 L1 controllers
<= 33
Rockwell Automation
·
Armor Compact GuardLogix 5370 controllers
<= 33
Rockwell Automation
·
CompactLogix 5370 L3 controllers
<= 33
Rockwell Automation
·
Armor GuardLogix Safety Controllers
<= 33
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more