ICSA-22-202-05  ·  Published 2022-07-21

AutomationDirect Stride Field I/O

CVSS 9.6 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to obtain user credentials.

CVEs (1)

Remediations

  • AutomationDirect recommends users upgrade the Stride Modbus Field I/O units listed in the affected products section with the firmware associated with the part number. Firmware can be downloaded from the AutomationDirect software downloads page.
  • The modules with a listed B/N number in the affected products section have a firmware update issue and must be returned to AutomationDirect for replacement modules; users can create an RMA on the AutomationDirect website.
  • Automation networks and systems may have built-in password protection schemes, but this is only one step in securing systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products and SCADA systems perform their own network security analysis to determine the proper level of security required for their application.
  • Secure physical access.
  • Isolate and air gap networks when possible.
  • Follow the security considerations in the Automation Direct Security Considerations document.
  • See AutomationDirect product advisory number PA-COM-006 for more information.

Affected Vendors

Automation Direct

Affected Products (14)

Automation Direct · SIO-MB04ADS < 8.4.3.0
Automation Direct · SIO-MB04ADS 5714442222
Automation Direct · SIO-MB04DAS < 8.11.3.0
Automation Direct · SIO-MB04DAS 4714432222
Automation Direct · SIO-MB04RTDS < 8.3.4.0
Automation Direct · SIO-MB04THMS < 8.5.4.0
Automation Direct · SIO-MB04THMS 57141862221
Automation Direct · SIO-MB08ADS-1 < 8.6.3.0
Automation Direct · SIO-MB08ADS-2 < 8.7.3.0
Automation Direct · SIO-MB08THMS < 8.8.4.0
Automation Direct · SIO-MB12CDR < 8.0.4.0
Automation Direct · SIO-MB12CDR 5714442222
Automation Direct · SIO-MB16CDD2 < 8.1.4.0
Automation Direct · SIO-MB16ND3 < 8.2.4.00

Affected Sectors

Commercial Facilities, Critical Manufacturing, Information Technology
