ICSA-21-063-01 · Published 2021-03-04
Rockwell Automation 1734-AENTR Series B and Series C
CVSS 7.5 (HIGH)
Risk Summary
Successful exploitation of these vulnerabilities could lead to unauthorized data modification on the affected devices.
CVEs (2)
Remediations
- 1734-AENTR Series B, update to firmware Version 5.018
- 1734-AENTR Series C, update to firmware Version 6.013
- Please refer to Rockwell Automation's security advisory PN1551 (requires login) for detailed information.
- Utilize proper network infrastructure controls, such as firewalls, to help ensure that traffic from unauthorized sources is blocked.
- Minimize network exposure for all control system devices and/or systems and ensure that they are not accessible from the Internet. For further information about the risks of unprotected Internet-accessible control systems, please see Knowledgebase Article PN715.
- Locate control system networks and devices behind firewalls and isolate them from the business network.
- When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that a VPN is only as secure as the connected devices.
Affected Vendors
Rockwell Automation
Affected Products (2)
- Rockwell Automation · Series C: 6.011 and 6.012
- Rockwell Automation · Series B: > 4.001 | < 4.005 | > 5.011 | < 5.017
Affected Sectors
Critical Manufacturing