PN391 | Security Advisory | Rockwell Automation | Rockwell Automation

Advisory ID:

PN391

發佈日期:

February 11, 2020

Introduction

Description

Potential Security Vulnerabilities

Rockwell Automation has identified three potential security vulnerabilities related to the web interface of the 1756-ENBT/A EtherNet/IP Bridge Module (the "Product"). Specifically, the risks include the following:

The potential for cross-site scripting, which could allow the Product to be used in a social engineering attack.
An attacker could potentially craft a URL that looked as if it would take a user to the Product, but would instead execute script from a different location. A successful attack would require the attacker to transmit the crafted URL to a user with access to the web interface of the Product and to convince that user to open the URL.
The potential for web redirection, which could allow the Product to be used in a social engineering attack.
An attacker could potentially craft a URL that looked as if it would take a user to the Product, but would actually direct the browser to a different location. A successful attack would require the attacker to transmit the crafted URL to a user with access to the web interface of the Product and to convince that user to open the URL.
The potential for exposure of some of the Product’s internal web page information. While this does not directly present a functional vulnerability, it does expose some internal information about the module.

Risk Mitigation

None of these issues results in the Product’s web pages or other Product functions being compromised or otherwise affected.

These potential security vulnerabilities are corrected in:

1756-ENBT Version 4.008
1756-EWEB Version 4.009

The best way to mitigate the risk associated with these issues is to employ the following in the design of network architecture:

Layered security.
Defense-in-depth methods.

Refer to http://www.ab.com/networks/architectures.html for comprehensive information about implementing validated architectures designed to deliver these measures.

Additionally, to help mitigate the risk associated with the cross-site scripting potential vulnerability, certain web browsers and/or browser add-ons can be used. Internet Explorer Version 8 (which is currently in beta release) has cross-site scripting protection built-in. Additionally, the NoScript add-on for the FireFox browser can help prevent cross-site scripting attacks.

For more information and for assistance with assessing the state of security of your existing controls system, including improving your system-level security when using Rockwell Automation and other vendor controls products, you can visit the Rockwell Automation Security Solutions web site at http://www.rockwellautomation.com/solutions/security/.