Rockwell PLC Security Bypass Threatens Manufacturing Processes

August 6, 2024 at 09:05AM

A security vulnerability (CVE-2024-6242, CVSS 8.4) in Rockwell Automation ControlLogix 1756 devices allows remote attackers to send elevated commands, compromising operational technology. The bug bypasses Rockwell’s trusted slot mechanism, enabling unauthorized access to critical infrastructure. To mitigate, apply Rockwell’s patches immediately to affected devices widely used in industrial manufacturing environments. …

Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access

August 5, 2024 at 02:18AM

A high-severity security bypass vulnerability (CVE-2024-6242, CVSS 8.4) in Rockwell Automation ControlLogix 1756 devices, disclosed by the U.S. Cybersecurity and Infrastructure Security Agency, allows attackers to execute CIP commands, potentially modifying user projects and device configuration. The vulnerability has been addressed in specific device versions after responsible disclosure. Claroty, the …

Rockwell Automation Patches High-Severity Vulnerabilities in FactoryTalk View SE

June 14, 2024 at 06:39AM

Rockwell Automation has addressed three high-severity vulnerabilities in its FactoryTalk View Site Edition (SE) HMI software, including an authentication issue and a local privilege escalation vulnerability. These flaws have been patched in version 14, with advisories published by both Rockwell and CISA. Additionally, a vulnerability affecting certain controllers has also …