Rockwell Automation CompactLogix
Summary
CISA has issued an alert regarding vulnerabilities in Rockwell Automation CompactLogix controllers, specifically the 5370 L1, L2, and L3 series. Successful exploitation could allow an attacker to cause a denial-of-service condition, because the controllers' CIP protocol handling does not validate sequence numbers or source IP addresses.
IFF Assessment
These vulnerabilities allow attackers to disrupt critical industrial control systems, posing a direct threat to operational integrity.
Severity
The CVSS score of 7.5 reflects the potential for a denial-of-service condition, which is a significant impact for industrial control systems. The vulnerabilities can be exploited without privileges or user interaction, which raises their exploitability.
Defender Context
Defenders in sectors that use Rockwell Automation CompactLogix controllers should prioritize updating affected controllers to version V38.011, as recommended by the vendor. These vulnerabilities highlight the ongoing risks to Operational Technology (OT) environments, where a denial-of-service attack on a controller can have severe real-world consequences.