ICSA-22-202-03 · Published 2022-07-21
Rockwell Automation ISaGRAF Workbench
CVSS 8.6 (HIGH)
Risk Summary
Successful exploitation of these vulnerabilities could result in directory traversal, privilege escalation, and arbitrary code execution.
CVEs (3)
Remediations
- Rockwell Automation recommends that customers using the affected software update it to Version 6.6.10 or later.
- Run ISaGRAF Workbench as a user, instead of as an administrator, to minimize the impact of malicious code on the infected system.
- Do not open untrusted .7z exchange files with ISaGRAF Workbench. Employ training and awareness programs to educate users on the warning signs of a phishing or social engineering attack.
- Using Microsoft AppLocker or a similar application allow-listing tool can help mitigate risk. Information on using AppLocker with Rockwell Automation products is available in Rockwell Automation Knowledgebase Article QA17329 (login required).
- Ensure that the least-privilege principle is followed: grant user and service accounts access to shared resources, such as databases, with the minimum rights necessary.
- Do not click web links or open attachments in unsolicited email messages.
- Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
- Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
Affected Vendors
Rockwell Automation
Affected Products (1)
Rockwell Automation ISaGRAF Workbench: versions >= 6.0 and <= 6.6.9
Affected Sectors
Critical Manufacturing