Rockwell Automation Product Security Advisory

Overview


Rockwell Automation has released a security update that addresses a vulnerability in the ManageEngine family of products. Users of affected products are advised to update to the latest version.

Rockwell Automation: A provider of control systems and robotics solutions for industrial automation


Affected Products


CVE-2021-22681

  • software: RSLogix 5000, Studio 5000, Logix Designer
  • controllers: CompactLogix(1768, 1769, 5370, 5380, 5480, 5550, 5560, 5560, 5570, 5580), DriveLogix(5560, 5730, 1794-L34), Compact GuardLogix(5370, 5380), GuardLogix(5570, 5580), SoftLogix(5800)
  • RSLogix 5000 versions 16 through 20
  • Studio 5000 Logix Designer version 21 or later, and controllers running those versions


CVE-2022-1159

  • software: Studio 5000 Logix Designer
  • controllers: ControlLogix(5580), GuardLogix(5580), CompactLogix(5380), CompactLogix(5480), Compact GuardLogix(5380)
  • Studio 5000 Logix Designer v28 or later, and controllers running those versions


CVE-2023-3595

  • 1756-EN2T Series(A, B, C), 1756-EN2TK Series(A, B, C), 1756-EN2TXT Series(A, B, C) 5.008 or below and 5.028 versions
  • 1756-EN2T Series(D), 1756-EN2TK Series(D), 1756-EN2TXT Series(D) 11.003 or below
  • 1756-EN2TP Series(A), 1756-EN2TPK Series(A), 1756-EN2TPXT Series(A) 11.003 or below
  • 1756-EN2TR Series(A, B), 1756-EN2TRK Series(A, B), 1756-EN2TRXT Series(A, B) 5.008 or below and 5.028 versions
  • 1756-EN2TR Series(C), 1756-EN2TRK Series(C), 1756-EN2TRXT Series(C) 11.003 or below
  • 1756-EN2F Series(A, B), 1756-EN2FK Series(A, B) 5.008 or below and 5.028 versions
  • 1756-EN2F Series(C), 1756-EN2FK Series(C) 11.003 or below
  • 1756-EN3TR Series(A), 1756-EN3TRK Series(A) 5.008 or below and 5.028 versions
  • 1756-EN3TR Series(B), 1756-EN3TRK Series(B) 11.003 or below
  • 1756-EN4TR Series(A), 1756-EN4TRK Series(A), 1756-EN4TRXT Series(A) 5.001 or below

CVE-2023-3596

  • 1756-EN2T Series(A, B, C), 1756-EN2TK Series(A, B, C), 1756-EN2TXT Series(A, B, C) 5.008 or below and 5.028 versions
  • 1756-EN2T Series(D), 1756-EN2TK Series(D), 1756-EN2TXT Series(D) 11.003 or below
  • 1756-EN2TP Series(A), 1756-EN2TPK Series(A), 1756-EN2TPXT Series(A) 11.003 or below
  • 1756-EN2TR Series(A, B), 1756-EN2TRK Series(A, B), 1756-EN2TRXT Series(A, B) 5.008 and below and 5.028 and below versions
  • 1756-EN2TR Series(C), 1756-EN2TRK Series(C), 1756-EN2TRXT Series(C) 11.003 or below
  • 1756-EN2F Series(A, B), 1756-EN2FK Series(A, B) 5.008 or below and 5.028 versions


CVE-2023-46290

  • FactoryTalk Service Platform version 2.74


CVE-2024-21914

  • FactoryTalk View ME versions prior to 14


CVE-2024-21915

  • FactoryTalk Service Platform versions prior to 2.74


CVE-2024-21917

  • FactoryTalk Service Platform 6.31 or below


Resolved Vulnerabilities


Authentication Bypass Vulnerability in Logix Controllers (CVE-2021-22681) [2]

Arbitrary Controller Code Injection Vulnerability in Studio 5000 Logix Designer (CVE-2022-1159) [3]

Remote Code Execution Vulnerability and one other vulnerability in Select Communication Modules (CVE-2023-3595, CVE-2023-3596) [4]

Improper Authentication Vulnerability in FactoryTalk Service Platform (CVE-2023-46290) [5]

XSS Vulnerability in FactoryTalk View ME (CVE-2024-21914) [6]

Elevation of Privilege Vulnerability in FactoryTalk Service Platform (CVE-2024-21915) [7]

Weak Authentication and Session Management Vulnerability in FactoryTalk Service Platform (CVE-2024-21917) [8]


Vulnerability Patches


Patches for these vulnerabilities are available in the latest updates. Follow the instructions on the Referenced Sites below to update to the patched version.

CVE-2021-22681

– Users of affected versions should refer to the ‘Risk Mitigation and Recommended User Actions’ section of referenced site [2]

CVE-2022-1159

– Users of affected versions should refer to the ‘Risk Mitigation & User Action’ section of referenced site [3]

CVE-2023-3595, CVE-2023-3596

– Users of affected versions should refer to the ‘Risk Mitigation & User Action’ section of referenced site [4]

CVE-2023-46290

– Users of affected versions should apply the update described on referenced site [5]

CVE-2024-21914

– Users of affected versions should apply the update described on referenced site [6]

CVE-2024-21915

– Users of affected versions should update as described on referenced site [7]

CVE-2024-21917

– Users of affected versions should update as described on referenced site [8]


Referenced Sites


[1] https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1672.html

[2] https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html

[3] https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1586.html

[4] https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1633.html

[5] https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1655.html

[6] https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1663.html

[7] https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1662.html

[8] https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1660.html