← Back to home
ICSA-24-226-02  ·  Published 2024-08-13  ·  View on CISA ICS-CERT ↗

Rockwell Automation AADvance Standalone OPC-DA Server

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code in the affected product.

CVEs (2)

Remediations

  • Rockwell Automation has released product updates addressing these vulnerabilities:
  • AADvance Standalone OPC-DA Server: Update to v2.02 or later
  • Customers using the affected software are encouraged to apply the risk mitigations, if possible.
  • For information on how to mitigate Security Risks on industrial automation control systems, Rockwell Automation encourages customers to implement our suggested security best practices to minimize the risk of the vulnerability.
  • Customers can use Stakeholder-Specific Vulnerability Categorization to generate more environment-specific prioritization.

Affected Vendors

Rockwell Automation

Affected Products (1)

Rockwell Automation · AADvance Standalone OPC-DA Server >=v2.01.510

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more