← Back to home
ICSA-24-086-02  ·  Published 2024-03-26  ·  View on CISA ICS-CERT ↗

Rockwell Automation PowerFlex 527

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of this these vulnerabilities could crash the device and require a manual restart to recover.

CVEs (3)

Remediations

  • Rockwell Automation does not currently have a fix for these vulnerabilities. Users of the affected software are encouraged to apply risk mitigations and security best practices, where possible.
  • Implement network segmentation confirming the device is on an isolated network.
  • Disable the web server, if not needed. The web server is disabled by default. Disabling this feature is available in v2.001.x and later.
  • Security Best Practices
  • For more information, visit Rockwell Automation's security advisory page.

Affected Vendors

Rockwell Automation

Affected Products (1)

Rockwell Automation · PowerFlex 527 >=v2.001.x

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more