Filter
23 May 2022
ISaPWN – research on the security of ISaGRAF RuntimeThis report includes an analysis of the ISaGRAF framework, its architecture, the IXL and SNCP protocols and the description of several vulnerabilities the Kaspersky ICS CERT team had identified.
09 December 2016
Vulnerability in Industrial Control software and quality of the patch managementKaspersky Lab ICS-CERT is launching a series of articles devoted to vulnerability analysis across the world. The articles aim to highlight patch management problems in the ICS world. Each article will focus on one popular ICS vendor and known vulnerabilities according to the MITRE Common Vulnerabilities and Exposures (CVE) database.
Filter
20 April 2022
Vulnerability in ICS: assessing the severityOn the last day of March 2022, Claroty (Team82) published an article on two vulnerabilities they had identified in Rockwell Automation products. We believe that the severity of these vulnerabilities has been significantly exaggerated. At the same time, the most dangerous vulnerability in the same products has remained unnoticed.
31 March 2021
Good old buffer overflowCISA has issued an advisory on a Rockwell Automation MicroLogix 1400 buffer overflow vulnerability
27 June 2018
DoS vulnerability in Allen-Bradley CompactLogix and Compact GuardLogix controllersRemote attackers could cause a denial-of-service condition in Allen-Bradley CompactLogix and Compact GuardLogix controllers by exploiting a vulnerability in these devices
09 June 2018
Serious vulnerability in RSLinx Classic and FactoryTalk Linx Gateway by Rockwell AutomationA serious vulnerability has been identified in Rockwell Automation solutions for industrial networks RSLinx Classic and FactoryTalk Linx Gateway
19 April 2018
Vulnerabilities in Rockwell Automation industrial networking solutionsCritical vulnerabilities have been identified in several Rockwell Automation industrial networking devices. The issue is due to Cisco IOS or IOS XE versions with multiple vulnerabilities being used in these devices
30 March 2018
New vulnerabilities in Allen Bradley MicroLogix 1400 PLCsSerious vulnerabilities have been closed in Allen Bradley MicroLogix 1400 PLC series. Exploitation of these vulnerabilities could lead to unauthorized modification of PLC configuration and cause the devices to enter a denial-of-service condition
Filter