ICSA-24-030-07 · Published 2024-01-30
Rockwell Automation LP30/40/50 and BM40 Operator Interface
CVSS 8.8 (HIGH)
Risk Summary
Successful exploitation of these vulnerabilities could allow an authenticated attacker to use specially crafted communication requests to cause a denial-of-service condition, overwrite memory, or execute code remotely.
CVEs (15)
Remediations
Rockwell Automation recommends users with the affected software apply the following risk mitigations, if possible:
- Upgrade to CODESYS version 3.5.19.2, which has been released to mitigate these issues.
- Additionally, we encourage the customer to implement our suggested security best practices to minimize risk of the vulnerability.
- Customers can use Stakeholder-Specific Vulnerability Categorization to generate more environment-specific prioritization.
- Additional information can be found in the CODESYS Advisory.
Affected Vendors
Rockwell Automation
Affected Products (4)
- Rockwell Automation · LP30 Operator Panel · <V3.5.19.0
- Rockwell Automation · LP40 Operator Panel · <V3.5.19.0
- Rockwell Automation · LP50 Operator Panel · <V3.5.19.0
- Rockwell Automation · BM40 Operator Panel · <V3.5.19.0
Affected Sectors
Critical Manufacturing