Vulnerabilities in Rockwell Automation Product enable the cybercriminal to attack Engineering Workstations

22
Vulnerabilities in Rockwell Automation

Formerly known as RSLinx Enterprise, FactoryTalk Linx is broadly utilizing products designed to connect Allen Bradley programmable logic controllers (PLCs) with Rockwell applications for programming, HMI interaction well as data acquisition.

Last week, Rockwell Automation, in collaboration with U.S. Cybersecurity and Infrastructure Security Agency (CISA), released a statement informing enterprises using the product that researchers have found three potential serious vulnerabilities. Rockwell has stated that its released updates will eventually patch the vulnerabilities.

Read More: The Evolving Cyber Risks and Vulnerabilities in the Healthcare Industry

One of the flaws that has been rated critical and has been described as a heap overflow bug allows an unauthenticated attacker to run arbitrary code by sending out malicious port ranges.

Source: securityweek