Security Experts:

Rockwell Automation Switches Exposed to Attacks by Cisco IOS Flaws

Rockwell Automation informed customers this week that its Allen-Bradley Stratix and ArmorStratix industrial switches are exposed to remote attacks due to vulnerabilities in Cisco’s IOS software.

Allen-Bradley Stratix and ArmorStratix switches, which are used in the critical manufacturing, energy and other sectors, rely on Cisco’s IOS software for secure integration with enterprise networks. Rockwell Automation has determined that eight flaws discovered recently in Cisco IOS also affect its own products.Cisco IOS vulnerabilities impact Allen-Bradley Stratix industrial switches

According to Rockwell and ICS-CERT, Stratix 5400, 5410, 5700, 8000 and ArmorStratix 5700 switches running firmware version 15.2(6)E0a and earlier are impacted by critical and high severity vulnerabilities that can be exploited remotely and without authentication for denial-of-service (DoS) attacks and arbitrary code execution.

The issues include CVE-2018-0171, a critical remote code execution flaw in the Smart Install feature that can be exploited to take complete control of vulnerable devices. The Smart Install protocol has been abused in many attacks over the past years, including by state-sponsored threat groups, and Cisco has warned that malicious actors may start exploiting CVE-2018-0171 as well.

Rockwell has released firmware version 15.2(6)E1 to address the vulnerabilities in the aforementioned switches.

Learn More at SecurityWeek’s ICS Cyber Security Conference

The vendor also informed organizations using Allen-Bradley Stratix 5900 Services Routers with version 15.6.3M1 and earlier of the firmware that four of the Cisco IOS vulnerabilities impact these devices.

Rockwell has not released any firmware updates for this device and instead advised users to implement mitigations.

The company and ICS-CERT have also published advisories describing the impact of the eight Cisco IOS flaws on Allen-Bradley Stratix 8300 Industrial Managed Ethernet Switches with firmware versions 15.2(4a)EA5 and earlier. Mitigations have been made available for these switches as well.

Related: Cisco IOS Flaws Expose Rockwell Industrial Switches to Remote Attacks

Related: Rockwell Updates Stratix Routers to Patch Cisco IOS Flaws

Related: Rockwell Automation Patches Serious Flaw in MicroLogix 1400 PLC

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.