Severity: High
Advisory ID: PN1643
Published Date: September 12, 2011
Last Updated: September 12, 2011
Revision Number: 1.0
Known Exploited Vulnerability (KEV): No
Corrected: No
Workaround: No

Summary
1756-EN2TR and 1756-EN3TR Open UDP Port Vulnerability

Revision History
Version 1.0 – September 12, 2011

Affected Products

| Affected Product | First Known in Firmware Revision | Corrected in Firmware Revision |
| --- | --- | --- |
| 1756-EN2TR (Series A, B) | 4.002 – 4.003 | 4.004 |
| 1756-EN3TR (Series A) | 4.002 – 4.003 | 4.004 |

Additional Notes
Excluding the above product releases, no other released versions of the 1756-EN2TR or 1756-EN3TR communication interfaces exhibit this potential vulnerability. Versions 4.002 and 4.003 of the 1756-EN2T, 1756-EN2F, and 1756-EN2TXT do not have this vulnerability.

Vulnerability Details
Rockwell Automation has identified a vulnerability in specific shipping versions of the 1756-EN2TR and 1756-EN3TR EtherNet/IP communication interfaces for the ControlLogix platform. Due to an oversight in the product testing and release process, these particular product versions and accompanying product firmware mistakenly have their 17185/UDP communication port enabled.
 
The 17185/UDP communication port is intended for exclusive use by a vendor’s product development and test teams in order to support pre-release product development and testing activities. The communication port is not intended for, and does not offer any value to, control system designers and product users.
 
This open UDP port is classified as a potential vulnerability since an unauthenticated user who gains access to the specific version of the product may be able to gain access to the product’s debugging information, disrupt its operation or potentially cause a denial of service, thereby affecting the product’s operation. This vulnerability is remotely exploitable.
 
 
 
Rockwell Automation is taking proactive, corrective actions in our product testing and release processes to help prevent subsequent reoccurrences of this matter.
 
We recognize the concerns our customers have relating to this matter. We continue to recommend that concerned customers remain vigilant and continue to follow good security practices.
CVSS Base Score: 7.5/10 (high)
CVSS 2.0 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Risk Mitigation & User Action
Customers using the affected versions are encouraged to upgrade to corrected firmware revisions. We also strongly encourage customers to implement our suggested security best practices to minimize the risk of the vulnerability.
- Update to corrected firmware version.
- QA43240 - Recommended Security Guidelines from Rockwell Automation
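
An inventory and flow-log triage for this advisory, added here as an example (not Rockwell Automation code): it flags modules inside the affected firmware range from the table above and lists hosts seen sending UDP datagrams to port 17185. The tuple layouts, function names and sample addresses are assumptions constructed for illustration.

```python
import re

# Affected catalog numbers and firmware range, taken from the advisory table.
AFFECTED = {"1756-EN2TR", "1756-EN3TR"}
FIRST_BAD, FIXED = (4, 2), (4, 4)   # 4.002 first affected, 4.004 corrected
DEBUG_PORT = 17185                  # UDP port named in the advisory


def parse_rev(text):
    """Turn a revision string such as '4.003' into a comparable (major, minor) tuple."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\s*", text)
    if not m:
        raise ValueError(f"unrecognised firmware revision: {text!r}")
    return int(m.group(1)), int(m.group(2))


def is_affected(catalog, revision):
    """True when the module and firmware fall inside the advisory's affected range."""
    base = catalog.strip().upper().split("/")[0]   # drop a series suffix such as '/B'
    return base in AFFECTED and FIRST_BAD <= parse_rev(revision) < FIXED


def triage(inventory, flows):
    """Map each affected module IP to its details and hosts seen sending to the debug port."""
    hits = {ip: {"catalog": c, "revision": r, "sources": set()}
            for ip, c, r in inventory if is_affected(c, r)}
    for src, dst, proto, dport in flows:
        if dst in hits and proto.lower() == "udp" and int(dport) == DEBUG_PORT:
            hits[dst]["sources"].add(src)
    return hits


# Constructed sample data (documentation address ranges, not real assets).
INVENTORY = [   # (ip, catalog number, firmware revision)
    ("192.0.2.10", "1756-EN2TR/B", "4.003"),   # affected
    ("192.0.2.11", "1756-EN3TR/A", "4.004"),   # corrected firmware
    ("192.0.2.12", "1756-EN2T", "4.002"),      # catalog number not affected
    ("192.0.2.13", "1756-EN2TR/A", "3.006"),   # below first affected revision
]
FLOWS = [       # (source ip, destination ip, protocol, destination port)
    ("198.51.100.7", "192.0.2.10", "udp", 17185),
    ("192.0.2.50", "192.0.2.10", "tcp", 44818),
    ("198.51.100.7", "192.0.2.11", "udp", 17185),
]

if __name__ == "__main__":
    for ip, info in triage(INVENTORY, FLOWS).items():
        print(ip, info["catalog"], info["revision"], sorted(info["sources"]))
```

Modules returned with a non-empty `sources` set are the ones to prioritize for the firmware update and for review of who can reach them.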
Copyright ©2022 Rockwell Automation, Inc.