Loading

PN675 | RSLogix 5000 Software Potential Denial-of-Service Vulnerability

Advisory ID:
PN675
Published Date:
September 13, 2011
Last Updated:
September 13, 2011
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
Não
Corrected:
Não
Workaround:
Não
Summary
RSLogix 5000 Software Potential Denial-of-Service Vulnerability

Introduction

RSLogix 5000 Software Potential Denial-of-Service Vulnerability

Description

September 13, 2011 - version 1.0

This advisory has been replaced with AID# 456144

On September 13, 2011, Rockwell Automation was made aware of a potential vulnerability in RSLogix 5000 software that if successfully exploited, may result in a Denial of Service condition.

We are in the process of validating the potential vulnerability in order to determine possible risk, scope, impacts, and exposure to our customers if it is confirmed.

Based on the outcome of our ongoing investigation, if the vulnerability is confirmed, we will communicate a recommended mitigation strategy to our concerned customers as soon as possible.

Until a specific mitigation strategy is made available, we recommend concerned customers remain vigilant and continue to apply the following security strategies that help reduce risk and enhance overall control system security:

1. Employ layered security and defense-in-depth methods in system design to restrict and control access to individual products and ControlNetworks. Refer to http://www.ab.com/networks/architectures.html for comprehensive information about implementing validated architectures designed to deliver these measures.

2. Restrict physical and electronic access to automation products, networks and systems to only those individuals authorized to be in contact with control system equipment and perform product firmware upgrades to that equipment.

For more information and for assistance with assessing the state of security of your existing control system, including improving your system-level security when using Rockwell Automation and other vendor controls products, you can visit the Rockwell Automation Security Solutions web site at http://www.rockwellautomation.com/solutions/security.

KCS Status

Released

Rockwell Automation Home
Copyright ©2022 Rockwell Automation, Inc.
  1. Chevron LeftChevron Left Únìítèêd Kìíngdöôm Chevron RightChevron Right
  2. Chevron LeftChevron Left Trust Center Chevron RightChevron Right
  3. Chevron LeftChevron Left Industrial Security Adv Chevron RightChevron Right
  4. Chevron LeftChevron Left Industrial Security Advisory Detail Chevron RightChevron Right
Atualize suas preferências de cookies para continuar.
Este recurso requer cookies para melhorar sua experiência. Atualize suas preferências para permitir esses cookies:
  • Cookies de Redes Sociais
  • Cookies Funcionais
  • Cookies de Desempenho
  • Cookies de Marketing
  • Todos os Cookies
Você pode atualizar suas preferências a qualquer momento. Para mais informações, consulte nosso Política de Privacidade
CloseClose