Today the DHS ICS-CERT published an industrial control
system security advisory for the Rockwell Automation MicroLogix 1400
programmable logic controllers (PLC). The advisory describes an execution with
unnecessary privileges vulnerability in the PLC due to the use of the Simple
Network Management Protocol (SNMP) to manage the product’s firmware, including
the capability of applying firmware updates to the product.
ICS-CERT reports that a relatively unskilled attacker could
remotely exploit the vulnerability to make unauthorized changes to the
product’s configuration, including firmware updates.
ICS-CERT reports that due to the nature of this product’s
firmware update process, this capability cannot be removed from the product.
The advisory provides a series of mitigating measures to reduce risk of this
capability being used by a malicious actor.
Important Question – What other ICS devices use the same
SNMP protocol?
Posts
No comments:
Post a Comment