ICSA-23-131-14
·
Published 2023-05-11
·
View on CISA ICS-CERT ↗
Rockwell Automation PanelView 800
CVSS 9.8
CRITICAL
Risk Summary
Successful exploitation of these vulnerabilities could allow remote code execution.
CVEs (2)
Remediations
- Users of the affected software are encouraged to apply the following risk mitigations, if possible:
- Upgrade to V8.011, which has been patched to mitigate these issues.
- Ensure the email feature is disabled (it is disabled by default).
- For information on mitigating security risks on industrial automation control systems (IACS) networks, see the following:
- System Security Design Guidelines Reference Manual publication, SECURE-RM001
- Configure System Security Features User Manual, SECURE-UM001
- Rockwell Automation encourages users to implement their suggested security best practices to minimize risk of vulnerability.
Affected Vendors
Rockwell Automation
Affected Products (3)
Rockwell Automation
·
PanelView 800-2711R-T4T
5.011 | < 8.011
Rockwell Automation
·
PanelView 800-2711R-T7T
5.011 | < 8.011
Rockwell Automation
·
PanelView 800-2711R-T10T
5.011 | < 8.011
Affected Sectors
Energy, Water and Wastewater, Telecommunications
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more