Critical Flaw Found in Rockwell Automation Controllers – Update Your Systems Now

CVECVE-2024-21916
CVSScvssV3_1: 8.6
SourceCVE-2024-21916

Rockwell Automation manufactures industrial control systems that are used across many critical infrastructure sectors. Security researchers have discovered a worrying vulnerability in some of Rockwell’s ControlLogix and GuardLogix controller models.

The vulnerability allows remote attackers to cause a “major nonrecoverable fault” (MNRF) on affected devices. In plain English, this means the controllers could experience a catastrophic failure that requires a restart to recover from. Since these controllers are used for automation and monitoring in things like factories, power plants and other industrial environments, such a fault could potentially disrupt important processes.

Researchers believe attackers could exploit this vulnerability by sending specially crafted network packets to the controllers. No authentication would be required, allowing anyone on the local network to cause issues. This makes the flaw a serious “denial of service” (DoS) risk.

If you use Rockwell Automation ControlLogix or GuardLogix controllers, it’s important to check if your models are affected and update them immediately. Contact Rockwell for the latest patches. It’s also wise to isolate these systems until updates are applied, in case any attackers target them. Taking prompt action can help minimize risks from this critical vulnerability. Process automation networks require robust security practices to prevent disruptions.

References