Rockwell Automation Addresses Flaws in Programmable Controllers

I'm curious, if someone has access to the network your PLC is on while it is in Remote RUN, and can send packets of information to it... couldn't they also just connect to the controller and straight up modify the program or place the controller in Program mode or something along those lines to be malicious?
 
Tharon said:
I'm curious, if someone has access to the network your PLC is on while it is in Remote RUN, and can send packets of information to it... couldn't they also just connect to the controller and straight up modify the program or place the controller in Program mode or something along those lines to be malicious?
Click to expand...

That's not a bug, that's a feature!

(I actually have no idea if you can or not)
 
Tharon said:
I'm curious, if someone has access to the network your PLC is on while it is in Remote RUN, and can send packets of information to it... couldn't they also just connect to the controller and straight up modify the program or place the controller in Program mode or something along those lines to be malicious?
Click to expand...

Yes, but this is talking about replacing the AB firmware with a malicious one. So basically talking about being malicious in a normal ladder logic program vs. malicious with the bare metal hardware. With the bare hardware, you'd be free to send out packets for your DoS attack much quicker than with something in ladder.
 
Epy said:
Yes, but this is talking about replacing the AB firmware with a malicious one. So basically talking about being malicious in a normal ladder logic program vs. malicious with the bare metal hardware. With the bare hardware, you'd be free to send out packets for your DoS attack much quicker than with something in ladder.
Click to expand...

Oh snap, when they said said "arbitrary code", I thought they meant you could download whatever ladder you want, ignoring password locks. Actual bare metal code execution, that's a doozy.
 

Similar Topics

A
Rockwell Automation Process Objects Library - Auto Discovery
I noticed in Rockwell AOIs, they add a BOOL Output parameter at the end of the "Parameters" list of each AOI that carries the same name as the...
Replies
1
Views
72
cardosocea
C
S
Rockwell Automation 1769-L36ERMS PLC LITERAL STRING
Hello Guys, I am using 1769-L36ERMS PLC by Rockwell which doesn't let me MOV or COP literal text into string datatype? i very well know the...
Replies
13
Views
391
Shivsrikakolum
S
B
Does Rockwell Automation have an Input that will receive an input from a Load Cell
Good Afternoon , Does Rockwell Automation have an Input Card , maybe in the 1734 series , or CompactLogix series that will receive signals...
2
Replies
15
Views
836
busarider29
busarider29
R
Help with Rockwell Automation Ladder Logic for Max Height & Peak Detection
Hi everyone, I'm working on a project that involves using a Keyence LR-X100 sensor in Studio 5000 V35 ladder logic to determine the object's...
Replies
4
Views
676
creativepaper
C
M
Time Sync problem (Rockwell Automation)
I have a problem with time sync working in this topology. I have a plc with grandmaster clock controlling motion groups. I wanted to add kinetix...
Replies
7
Views
1,038
muusic_man
M
Back
Top Bottom