ICSA-22-188-01  ·  Published 2022-07-07

Rockwell Automation MicroLogix

CVSS 6.5 MEDIUM

Risk Summary

Successful exploitation of this vulnerability could allow a malicious user to trick a legitimate user into using an untrusted website. If exploited, this vulnerability could lead to a loss of sensitive information, such as authentication credentials.

CVEs (1)

Remediations

  • Rockwell Automation encourages those using the affected software to implement the mitigations below to minimize risk. Additionally, Rockwell Automation encourages users to combine risk mitigations with security best practices (also provided below) to deploy a defense-in-depth strategy.
  • Disable the web server where possible (this component is an optional feature and disabling it will not disrupt the intended use of the device).
  • Configure firewalls to disallow network communication through HTTP/Port 80.
  • If applying the mitigations noted above is not possible, please see Rockwell Automation's Knowledgebase article QA43240 Security Best Practices.
  • For more information, please see the industrial security advisory from Rockwell Automation.

Affected Vendors

Rockwell Automation

Affected Products (2)

Rockwell Automation · MicroLogix 1100 vers:all/*
Rockwell Automation · MicroLogix 1400 <= 21.007

Affected Sectors

Critical Manufacturing
