Max level vulnerability found in Logix PLCs

Source: Intpro | Getty Images

A new vulnerability discovered in various Rockwell Automation programmable logic controllers (PLC) has received a 10 out of 10 risk score, the highest possible on the CVSS vulnerability scale.

The new vulnerability is being tracked as CVE-2021-22681. Attackers can abuse this flaw in the Logix Designer 5000 software to gain the secret cryptographic key, which is used to establish a secure connection between the PLC and the engineering station. The keys are baked into the hardware so they cannot be changed by the operator.

Once obtained, the key can be used to bypass verification systems, giving the attacker unrestricted access to the engineering systems. The attacker can then remotely install malware onto the afflicted devices to sabotage the manufacturing process.

Related:

VMware’s code-execution flaw has a severity rating of 9.8 out of 10

 

The Industrial Control System Cyber Emergency Response Team wrote in an advisory that this vulnerability requires low skill to execute.

Although the flaw was publicly disclosed on Feb. 25, Rockwell Automation had known about the flaw since it was first discovered by cybersecurity firm Claroty in 2019.

No patch is currently available. In the meantime, Rockwell Automation recommends setting the controllers to “run” mode and segment the devices’ networks. It also urges operators to keep their security suites up to date.

To track if an attack has occurred, Rockwell Automation suggests monitoring the controller’s changelog and Logix Designer’s Change Detection feature.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) also has a page set up for control systems security recommended practices.

Affected PLCs include:

  • CompactLogix 1768
  • CompactLogix 1769
  • CompactLogix 5370
  • CompactLogix 5380
  • CompactLogix 5480
  • ControlLogix 5550
  • ControlLogix 5560
  • ControlLogix 5570
  • ControlLogix 5580
  • DriveLogix 5560
  • DriveLogix 5730
  • DriveLogix 1794-L34
  • Compact GuardLogix 5370
  • Compact GuardLogix 5380
  • GuardLogix 5570
  • GuardLogix 5580
  • SoftLogix 5800

Would you recommend this article?

+1
0

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Tom Li
Tom Li
As an avid technology enthusiast, Tom loves to fix, break, and talk about electronics. Now he gets to writes about them. Talk about a dream career.

Related Tech News