ICS-CERT Advisory: ICSA-13-011-03: Rockwell Automation ControlLogix Multiple PLC Vulnerabilities
"This advisory is a follow up to the original alert titled ICS-Alert-12-020-02A - Rockwell Automation ControlLogix Multiple PLC Vulnerabilities that was published February 14, 2012, on the ICS-CERT Web page. Independent researcher Rubén Santamarta of IOActive identified multiple vulnerabilities in Rockwell Automation's ControlLogix PLC and released proof-of-concept (exploit) code at the Digital Bond S4 Conference on January 19, 2012. The vulnerabilities are exploitable by transmitting arbitrary commands from a control interface to the programmable logic controller (PLC) or network interface card (NIC). The information was released without coordination with either the vendor or ICS-CERT. Rockwell Automation released firmware patches on July 18, 2012, that resolve the following vulnerabilities. There have been no updates from Rockwell since these patches were released. Exploitation of these vulnerabilities could allow loss of confidentiality, integrity, and availability of the device. These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are publicly available."
ICS-CERT Advisory, ICSA-13-011-03
United States Computer Emergency Readiness Team: http://www.us-cert.gov/