Rockwell Automation 1756-EN2, 1756-EN3, and 1756-ENBT
Summary
Rockwell Automation's 1756-EN2, 1756-EN3, and 1756-ENBT communication modules are affected by a denial-of-service vulnerability due to improper validation of CIP Implicit Connection packets. An attacker could exploit this by sending crafted packets to disrupt device connections.
IFF Assessment
This vulnerability allows an attacker to disrupt critical industrial control system communications, posing a direct threat to operational stability.
Severity
The CVSS score of 7.5 (High) reflects the potential for denial-of-service, impacting availability. The attack vector is likely network-based, and the impact on integrity and confidentiality is minimal, but the availability impact is significant for industrial systems.
Defender Context
This alert highlights a critical vulnerability in Rockwell Automation industrial control systems, specifically affecting communication modules. Defenders must prioritize patching or implementing compensating controls for affected versions to prevent potential denial-of-service attacks that could disrupt manufacturing operations. Given that one affected product is discontinued with no fix available, strategies for isolation or replacement are crucial.