27 June 2018
DoS vulnerability in Allen-Bradley CompactLogix and Compact GuardLogix controllers
A vulnerability that could allow remote attackers to cause a denial of service condition has been closed in Rockwell Automation’s Allen-Bradley CompactLogix and Compact GuardLogix controllers. If a device affected by the vulnerability receives a specially crafted TCP packet, this causes a Major Non-Recoverable Fault (MNRF). This is considered a safe condition, but recovery requires the software to be reinstalled.
The vulnerability – CVE-2017-9312 – affects all versions up to 30.012 (inclusive) of the following controllers:
- Allen-Bradley CompactLogix 5370 L1;
- Allen-Bradley CompactLogix 5370 L2;
- Allen-Bradley CompactLogix 5370 L3;
- Allen-Bradley Armor CompactLogix 5370 L3;
- Allen-Bradley Compact GuardLogix 5370;
- Allen-Bradley Armor Compact GuardLogix 5370.
A CVSS v.3 base score of 8.6 has been calculated for the vulnerability.
The vendor has released a new firmware version, in which the vulnerability is fixed.
It is recommended that users who cannot update their devices should block all traffic to Ethernet/IP or CIP protocol-based devices from outside the control network by blocking or restricting access to Port 2222/TCP and UDP and Port 44818/TCP and UDP using firewalls, UTM devices, or other security appliances.
Threats to ICS and industrial enterprises in 2022 as they are foreseen from November 2021
23 November 2021
Good old buffer overflow
31 March 2021
Network Asset Traversal or NATural disaster: NAT Slipstreaming 2.0
30 March 2021