1. Control
  2. PLCs/PACs

Rockwell Automation offers mitigation strategies for Logix controller vulnerabilities

March 2, 2021
CISA advisory warns of possibility of unauthenticated attacks

The Cybersecurity & Infrastructure Security Agency (CISA) issued ICS Advisory 21-056-03 on February 25, regarding Rockwell Automation Logix controllers and software. Rockwell Automation says it has taken proactive steps in conjunction with the CISA to mitigate any risks.

The risk evaluation cites that successful exploitation of insufficiently protected credentials could allow a remote unauthenticated attacker to bypass the verification mechanism and connect with Logix controllers. Additionally, this vulnerability could enable an unauthorized third-party tool to alter the controller’s configuration and/or application code.

"Rockwell Automation has worked closely with and in coordination with CISA and the researchers as part of our standard coordinated vulnerability disclosure process," says Marci Pelzer, director, global external communications, at Rockwell Automation.

Rockwell Automation has determined that this vulnerability cannot be mitigated with a patch, and it encourages customers to implement the mitigation strategies outlined in its February 25 disclosure:

  • Deploy contemporary TLS and DTLS based secure communications features to supported products. This feature, known as CIP Security, is an enhancement to the ODVA EtherNet/IP industrial communication standard and directly addresses the vulnerability noted in the disclosure. CIP Security allows for users to leverage and manage certificates and/or pre-shared keys.
  • Leverage the key switch available on Rockwell Automation controllers by placing controllers in Run Mode to prevent unauthorized user program or configuration changes.
  • Customers should confirm they are employing proper network segmentation and security controls. Specifically, network exposure for all control system devices should be minimized and control systems should be behind firewalls and isolated from other networks when possible.

"The most up-to-date information can always be found in our Rockwell Automation Industrial Security Advisory index,” explains Pelzer. “We will always coordinate and work with CISA to provide the latest information when possible." A link to the CISA ICS advisory can be found here.

About the Author

Mike Bacidore | Editor in Chief

Mike Bacidore is chief editor of Control Design and has been an integral part of the Endeavor Business Media editorial team since 2007. Previously, he was editorial director at Hughes Communications and a portfolio manager of the human resources and labor law areas at Wolters Kluwer. Bacidore holds a BA from the University of Illinois and an MBA from Lake Forest Graduate School of Management. He is an award-winning columnist, earning multiple regional and national awards from the American Society of Business Publication Editors. He may be reached at [email protected] 

Email

Continue Reading

Sponsored Recommendations

IDEC Push-In Terminals make control panel wiring quicker and easier

Push-in terminals simplify the wiring of control panels for equipment manufacturers that have many control devices in the panel. The push-in terminal also reduces manufacturing...

Addressing Harsh Environmental Challenges with Technology

Discover why rugged HMI technology is crucial for enhancing machine performance and reliability in harsh environments. Learn about our high-quality, certified solutions designed...

2024 State of Technology Report: Motors, Drives & Motion

Motion makes manufacturing move. Motors and drives are at the core of industrial operations. Without them, production comes to a halt. This new State of Technology Report from...

Case Study: Conveyor Solution for Unique Application

Find out how the Motion Automation Intelligence Conveyor Engineering team provided a new and reliable conveyance solution that helped a manufacturer turn downtime into uptime....

Latest from PLCs/PACs

Most Read

Sponsored