Security News

Rockwell Automation says a new remote code execution exploit linked to an unnamed Advanced Persistent Threat group could be used to target unpatched ControlLogix communications modules commonly used in manufacturing, electric, oil and gas, and liquified natural gas industries.The company teamed up with the U.S. Cybersecurity and Infrastructure Security Agency to analyze the exploit linked to APT threat actors, but they have yet to share how they obtained it.

Rockwell Automation has fixed two vulnerabilities in the communication modules of its ControlLogix industrial programmable logic controllers, ahead of expected in-the-wild exploitation. "An unreleased exploit capability leveraging these vulnerabilities is associated with an unnamed APT group," industrial cybersecurity company Dragos has stated on Wednesday.

The U.S. Cybersecurity and Infrastructure Security Agency has alerted of two security flaws impacting Rockwell Automation ControlLogix EtherNet/IP communication module models that could be exploited to achieve remote code execution and denial-of-service. "The results and impact of exploiting these vulnerabilities vary depending on the ControlLogix system configuration, but they could lead to denial or loss of control, denial or loss of view, theft of operational data, or manipulation of control for disruptive or destructive consequences on the industrial process for which the ControlLogix system is responsible," Draogos said.

Two new security vulnerabilities have been disclosed in Rockwell Automation's programmable logic controllers and engineering workstation software that could be exploited by an attacker to inject malicious code on affected systems and stealthily modify automation processes. CVE-2022-1161 - A remotely exploitable flaw that allows a malicious actor to write user-readable "Textual" program code to a separate memory location from the executed compiled code.

Several vulnerabilities discovered by Kaspersky researchers in Rockwell Automation software impact industrial products from Schneider Electric, GE and other vendors. The security holes were identified by Kaspersky researchers in Rockwell Automation's ISaGRAF, which is designed for the development of automation products.

Industrial automation giant Rockwell Automation has started releasing firmware updates for some of its Stratix switches to address another round of vulnerabilities introduced by the use of Cisco's IOS XE software. Rockwell Automation regularly releases firmware updates for its Stratix devices to address vulnerabilities introduced by the use of Cisco software.

A critical, easy to exploit vulnerability may allow attackers to remotely connect to a number of Rockwell Automation's programmable logic controllers and to install new firmware, alter the device's configuration, and so on. Rockwell Automation's PLCs are used around the world to control industrial equipment.

Industrial organizations have been warned this week that a critical authentication bypass vulnerability can allow hackers to remotely compromise programmable logic controllers made by industrial automation giant Rockwell Automation. The vulnerability, tracked as CVE-2021-22681 with a CVSS score of 10, was independently reported to Rockwell by researchers at the Soonchunhyang University in South Korea, Kaspersky, and industrial cybersecurity firm Claroty.

Researchers have discovered vulnerabilities that expose Rockwell Automation's FactoryTalk Linx and RSLinx Classic products to denial-of-service attacks. According to an advisory published by Rockwell late last month, researchers from cybersecurity firm Tenable discovered a total of four DoS vulnerabilities, three affecting FactoryTalk Linx and one impacting the FactoryTalk Services Platform.

Vulnerabilities discovered by researchers in Rockwell Automation's FactoryTalk Linx product can allow attackers to compromise engineering workstations in industrial environments. FactoryTalk Linx, formerly known as RSLinx Enterprise, is a widely used product designed for connecting Allen Bradley programmable logic controllers to Rockwell applications, including for programming, data acquisition and HMI interaction.