Rockwell Automation Micro800 and MicroLogix 1400

Risk Summary

Successful exploitation of this vulnerability may result in denial-of-service conditions, which may require a firmware flash to recover.

CVEs (1)

Remediations

• Rockwell recommends confirming that setting and updating the password for the controller is done within a trusted network environment.
• If this vulnerability is successfully exploited, the password can be reset by performing a firmware flash on the controller. Firmware flashing will put the controller into the default state and the user program and data will be lost.
• A comprehensive defense-in-depth strategy can reduce the risk of this vulnerability. To leverage the vulnerability, an unauthorized user would require access to the same network as the controller. Users should confirm they are employing proper networking segmentation and security controls.
• Users can refer to the Converged Plantwide Ethernet (CPwE) Design and Implementation Guide for best practices for deploying network segmentation and broader defense-in-depth strategies. Users can also refer to the Rockwell Automation System Security Design Guidelines on how to use Rockwell Automation products to improve the security of their industrial automation systems.
• For more information see Rockwell Automation Security Advisory (login required).

Affected Vendors

Affected Products (2)

Affected Sectors

Critical Manufacturing