Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Organizations Informed of 10 Vulnerabilities in Rockwell Automation Products 

In the past week Rockwell Automation addressed 10 vulnerabilities found in its FactoryTalk, PowerFlex and Arena Simulation products.

Rockwell Automation vulnerabilities

Rockwell Automation in the past week published three new security advisories that inform customers about a total of 10 vulnerabilities discovered recently in its FactoryTalk, PowerFlex and Arena Simulation products.

The US cybersecurity agency CISA has also released advisories to inform organizations about the vulnerabilities found in the industrial automation giant’s products.

One of the advisories describes six flaws found and patched in the Arena Simulation software. The list includes five high-severity arbitrary code execution vulnerabilities and one medium-severity information disclosure and denial-of-service (DoS) issue. 

Exploitation of each vulnerability requires convincing the targeted user to open a malicious file. 

Rockwell Automation has credited researcher Michael Heinzl for reporting these vulnerabilities. Heinzl is often credited by vendors for reporting potentially serious vulnerabilities whose exploitation involves opening specially crafted files

In the case of the Arena Simulation software vulnerabilities, Heinzl on Tuesday published his own advisories on his personal website. The researcher’s advisories reveal that exploitation involves specially crafted DOE files and that the findings were reported to the vendor through CISA in late November 2023.

The second Rockwell Automation advisory published in recent days covers three high-severity PowerFlex product vulnerabilities that can be exploited for DoS attacks. The vendor has yet to release any patches for these flaws, and advises customers to apply mitigations and security best practices to prevent exploitation. 

The third advisory describes one medium-severity security issue discovered by Rockwell during internal testing in the FactoryTalk View ME product. Software updates have been released to patch the vulnerability.

Advertisement. Scroll to continue reading.

“A vulnerability exists in the affected product that allows a malicious user to restart the PanelView Plus 7 terminal remotely without security protections. If the vulnerability is exploited, it could lead to the loss of view or control of the PanelView product,” the company explained. 

Rockwell Automation recently announced that Stephen Ford has joined the company as vice president and chief information security officer (CISO).

Related: Rockwell Automation Warns Customers of Cisco Zero-Day Affecting Stratix Switches

Related: Rockwell ThinManager Vulnerabilities Could Expose Industrial HMIs to Attacks

Related: APT Exploit Targeting Rockwell Automation Flaws Threatens Critical Infrastructure

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Shay Mowlem has been named CMO of runtime and application security company Contrast Security.

Attack detection firm Vectra AI has appointed Jeff Reed to the newly created role of Chief Product Officer.

Shaun Khalfan has joined payments giant PayPal as SVP, CISO.

More People On The Move

Expert Insights

Related Content

ICS/OT

The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

ICS/OT

Municipal Water Authority of Aliquippa in Pennsylvania confirms that hackers took control of a booster station, but says no risk to drinking water or...

ICS/OT

Mandiant's Chief analyst urges critical infrastructure defenders to work on finding and removing traces of Volt Typhoon, a Chinese government-backed hacking team caught in...

Cybercrime

Energy giants Schneider Electric and Siemens Energy confirm being targeted by the Cl0p ransomware group in the campaign exploiting a MOVEit zero-day.

ICS/OT

Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).

ICS/OT

As smart cities evolve with more and more integrated connected services, cybersecurity concerns will increase dramatically.