ICSA-22-354-02
·
Published 2022-12-20
·
View on CISA ICS-CERT ↗
Rockwell Automation GuardLogix and ControlLogix controllers
CVSS 8.6
HIGH
Risk Summary
Successful exploitation of this vulnerability could potentially lead to degradation in availability of the controller and/or a possible major nonrecoverable fault.
CVEs (1)
Remediations
- For CompactLogix 5370, Compact GuardLogix 5370, ControlLogix 5570, GuardLogix 5570: Users should upgrade to versions 33.013, 34.011, or later.
- For ControlLogix 5570 redundancy: Users should upgrade to versions 33.052, 34.051, or later.
- Rockwell Automation encourages users to apply mitigations on their security best practices web page to reduce risk.
- Users should see the Rockwell Automation security advisory for more information.
Affected Vendors
Rockwell Automation
Affected Products (5)
Rockwell Automation
·
CompactLogix 5370
20-33
Rockwell Automation
·
Compact GuardLogix 5370
28-33
Rockwell Automation
·
ControlLogix 5570
20-33
Rockwell Automation
·
ControlLogix5570 redundancy
20-33
Rockwell Automation
·
GuardLogix 5570
20-33
Affected Sectors
Multiple Sectors
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more