ICSA-23-318-02
·
Published 2023-11-14
·
View on CISA ICS-CERT ↗
Rockwell Automation SIS Workstation and ISaGRAF Workbench
CVSS 7.8
HIGH
Risk Summary
Successful exploitation of this vulnerability could allow unprivileged local users to overwrite files replacing them with malicious programs.
CVEs (1)
Remediations
- Rockwell Automation recommends users of the affected software to update the affected product to the latest version:
- Safety Instrumented System Workstation: v2.00 and later
- ISaGRAF Workbench: v6.06.10 and later
- Rockwell Automation encourages users of the affected software to apply the risk mitigations, if possible. Additionally, they encourage customers to implement Rockwell Automation suggested security best practices to minimize the risk of vulnerability.
Affected Vendors
Rockwell Automation
Affected Products (2)
Rockwell Automation
·
Safety Instrumented System Workstation
>=v1.2|<v2.00
Rockwell Automation
·
ISaGRAF Workbench
>=v6.6.9|<v6.06.10
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more