Loading

PN675 | RSLogix 5000 Software Potential Denial-of-Service Vulnerability

Advisory ID:
PN675
Veröffentlichungsdatum:
September 13, 2011
Zuletzt aktualisiert:
September 13, 2011
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
Nein
Corrected:
Nein
Workaround:
Nein
Zusammenfassung
RSLogix 5000 Software Potential Denial-of-Service Vulnerability

Introduction

RSLogix 5000 Software Potential Denial-of-Service Vulnerability

Description

September 13, 2011 - version 1.0

This advisory has been replaced with AID# 456144

On September 13, 2011, Rockwell Automation was made aware of a potential vulnerability in RSLogix 5000 software that if successfully exploited, may result in a Denial of Service condition.

We are in the process of validating the potential vulnerability in order to determine possible risk, scope, impacts, and exposure to our customers if it is confirmed.

Based on the outcome of our ongoing investigation, if the vulnerability is confirmed, we will communicate a recommended mitigation strategy to our concerned customers as soon as possible.

Until a specific mitigation strategy is made available, we recommend concerned customers remain vigilant and continue to apply the following security strategies that help reduce risk and enhance overall control system security:

1. Employ layered security and defense-in-depth methods in system design to restrict and control access to individual products and ControlNetworks. Refer to http://www.ab.com/networks/architectures.html for comprehensive information about implementing validated architectures designed to deliver these measures.

2. Restrict physical and electronic access to automation products, networks and systems to only those individuals authorized to be in contact with control system equipment and perform product firmware upgrades to that equipment.

For more information and for assistance with assessing the state of security of your existing control system, including improving your system-level security when using Rockwell Automation and other vendor controls products, you can visit the Rockwell Automation Security Solutions web site at http://www.rockwellautomation.com/solutions/security.

KCS Status

Released

Rockwell Automation Home
Copyright ©2022 Rockwell Automation, Inc.
  1. Chevron LeftChevron Left Rockwell Automation Startseite
  2. Chevron LeftChevron Left Trust Center
  3. Chevron LeftChevron Left Industrial Security Adv
  4. Chevron LeftChevron Left Industrial Security Advisory Detail
Bitte aktualisieren Sie Ihre Cookie-Einstellungen, um fortzufahren.
Für diese Funktion sind Cookies erforderlich, um Ihr Erlebnis zu verbessern. Bitte aktualisieren Sie Ihre Einstellungen, um diese Cookies zuzulassen:
  • Social-Media-Cookies
  • Funktionale Cookies
  • Leistungscookies
  • Marketing-Cookies
  • Alle Cookies
Sie können Ihre Einstellungen jederzeit aktualisieren. Weitere Informationen finden Sie in unserem {0} Datenschutzrichtlinie
CloseClose