Number: AV18-107
Date: 04 July 2018
Purpose
The purpose of this advisory is to bring attention to vulnerabilities affecting Rockwell Automation Allen-Bradley Stratix 5950.
Assessment
Rockwell Automation has released a security advisory to address vulnerabilities in products which use the Rockwell Automation Allen-Bradley Stratix 5950. The vulnerabilities include Improper Input Validation, Improper Certificate Validation and Resource Management Errors. Successful exploitation of these vulnerabilities could allow an attacker to bypass client certification to create connections to the affected device or cause the device to crash.
Affected Products:
The following Allen-Bradley Stratix 5950 Security Appliances, running Cisco ASA v9.6.2 and earlier, are affected:
- 1783-SAD4T0SBK9
- 1783-SAD4T0SPK9
- 1783-SAD2T2SBK9
- 1783-SAD2T2SPK9
CVE References: CVE-2018-0228, CVE-2018-0227, CVE-2018-0231, CVE-2018-0240, CVE-2018-0296
Suggested action
CCIRC recommends that owners/operators test and deploy the vendor-released updates or workarounds to affected platforms accordingly.
References
ICS-CERT: ICSA-18-184-01 – Rockwell Automation Allen-Bradley Stratix 5950:
https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01