ICSA-23-206-03 · Published 2023-07-25
Emerson ROC800 Series RTU and DL8000 Preset Controller
CVSS 9.4
CRITICAL
Risk Summary
Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition or gain unauthorized access to data or control of the device.
CVEs (1)
Remediations
- The Series 1 ROC800 and DL8000 became obsolete in 2008 when the Series 2 was introduced.
- Emerson ROC800-Series RTU firmware updates can be applied to patch the authentication vulnerability:
  - ROC800 Series 2: 3.91 firmware or later at SupportNet Portal (login required)
  - ROC800 Series 1: Update hardware to Series 2 with 3.91 firmware or later
  - ROC800L Series 2: 1.71 firmware or later at SupportNet Portal (login required)
  - DL8000 Series 2: 2.60 firmware or later at SupportNet Portal (login required)
  - DL8000 Series 1: Update hardware to Series 2 with 2.60 firmware or later
- Before installing firmware into the RTU, validate that the MD5/SHA256 hashes published by Emerson on SupportNet match the firmware image, confirming it is genuine and unmodified.
- Emerson recommends users follow guidance in the ROC800-Series Remote Operations Controller Instruction Manual under section 1.11 Secure Gateway D301766X012.
Affected Vendors
Emerson
Affected Products (8)
- Emerson · ROC809 Firmware · vers:all/*
- Emerson · ROC809 Hardware series · vers:all/*
- Emerson · ROC827 Firmware · vers:all/*
- Emerson · ROC827 Hardware series · vers:all/*
- Emerson · ROC809L Firmware · vers:all/*
- Emerson · ROC827L Firmware · vers:all/*
- Emerson · DL8000 Firmware · vers:all/*
- Emerson · DL8000 Hardware series · vers:all/*
Affected Sectors
Multiple Sectors