Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks
Summary
A vulnerability in Rockwell industrial control systems (ICS) that allows for remote hacking is now being exploited in active attacks. This flaw was disclosed and patched in 2021, but its real-world exploitation has only recently been detected.
IFF Assessment
FOE
The in-the-wild exploitation of a previously disclosed vulnerability in critical infrastructure systems poses a direct threat to operational technology environments.
Defender Context
Defenders managing ICS environments need to ensure that all Rockwell systems, even those patched in 2021, are thoroughly audited and secured. The exploitation of older vulnerabilities highlights the persistent risk posed by unpatched or misconfigured legacy systems in critical infrastructure.