ICSA-22-354-04
·
Published 2022-12-20
·
View on CISA ICS-CERT ↗
Rockwell Automation MicroLogix 1100 and 1400
CVSS 7.5
HIGH
Risk Summary
Successful exploitation of these vulnerabilities could create a denial-of-service condition or allow for remote code execution.
CVEs (2)
Remediations
- Disable the web server, if possible (This component is an optional feature and disabling it will not disrupt the intended use of the device)
- Configure firewalls to disallow network communication through HTTP/Port 802
- Upgrade to the MicroLogix 800 or MicroLogix 850 as this device does not have the web server component
- Rockwell Automation also recommends users to employ cybersecurity best practices, as outlined in their Knowledgebase article.
Affected Vendors
Rockwell Automation
Affected Products (3)
Rockwell Automation
·
MicroLogix 1100
vers:all/*
Rockwell Automation
·
MicroLogix 1400 A
<= 7.000
Rockwell Automation
·
MicroLogix 1400 B/C
<= 21.007
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more