Rockwell Automation 1756-EN2, 1756-EN3, and 1756-ENBT

Summary

Rockwell Automation's 1756-EN2, 1756-EN3, and 1756-ENBT communication modules are affected by a denial-of-service vulnerability due to improper validation of CIP Implicit Connection packets. An attacker could exploit this by sending crafted packets to disrupt device connections.

IFF Assessment

FOE

This vulnerability allows an attacker to disrupt critical industrial control system communications, posing a direct threat to operational stability.

Severity

7.5 High

The CVSS score of 7.5 (High) reflects the potential for denial-of-service, impacting availability. The attack vector is likely network-based, and the impact on integrity and confidentiality is minimal, but the availability impact is significant for industrial systems.

Defender Context

This alert highlights a critical vulnerability in Rockwell Automation industrial control systems, specifically affecting communication modules. Defenders must prioritize patching or implementing compensating controls for affected versions to prevent potential denial-of-service attacks that could disrupt manufacturing operations. Given that one affected product is discontinued with no fix available, strategies for isolation or replacement are crucial.

Read Full Story →