Security News > 2021 > March > Critical flaw in Rockwell PLCs allows attackers to fiddle with them (CVE-2021-22681)

Critical flaw in Rockwell PLCs allows attackers to fiddle with them (CVE-2021-22681)
2021-03-01 12:02

A critical, easy to exploit vulnerability may allow attackers to remotely connect to a number of Rockwell Automation's programmable logic controllers and to install new firmware, alter the device's configuration, and so on.

Rockwell Automation's PLCs are used around the world to control industrial equipment.

The flaw may allow an attacker to discover the cryptographic key used to verify communication between Rockwell Logix controllers and their engineering stations.

"An attacker with this key could mimic a workstation and therefore be able to manipulate configurations or code running on the PLC, and directly impact a manufacturing process," Claroty researchers explained.

The good news is that, according to the U.S. CISA, there are no known public exploits that specifically target this authentication bypass flaw.

There is no fix available, but Rockwell Automation advises administrators to implement specific mitigations and more generic ones.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/oVvFzeUl-nA/