Vulnerability Exposes Rockwell Controllers to DoS Attacks

VAN

Member
V
Join Date
Apr 2012
Location
Wa
Posts
509
https://www.securityweek.com/vulnerability-exposes-rockwell-controllers-dos-attacks

Am I missing something, this seems like a fairly trivial issue.

Meaning, if someone has a connection to your local process network they could easily knock your controllers communication offline.

Duplicate IP address, or even use RSLinx and jump onto the back plane.

So, while this is a vulnerability I would assume the bigger issue is why anything has access to your local process network.

edit - I searched to see if this was already talked about and didn't see anything.
 
Last edited:
JeremyM said:
you mean you don't plug the PLC directly into the cable modem???
Click to expand...

I just mean in general, at a site that the network isn't connected to the internet directly (layered).

jraef said:
Kind of old news. It's been addressed in firmware updates, but some of the oldest affected products cannot be updated.
Click to expand...

Right, v11 covers EN2T but ENBT doesn't have a fix that I'm aware of, but I just don't see the issue? If you wanted to disrupt a network, their is so many ways to do it. The last threat rating this has I remember seeing is 8+ out of 10, and it just doesn't make sense to me. It doesn't seems like a pressing issue.
 
Poor code and network architecture will smash your PLC's connection too, but people seem less interested in that :ROFLMAO:
 
I found a hydro electric plant in BC or Alberta on shodan looking for open modbus ports. Could connect with unity and download the program. I couldn't tell who owned it or how to contact them though.
 
I guess looking at open ports isn't illegal.

Is connecting to them?

I realize malicious damage or taking data is certainly illegal. Is just watching through a camera like mentioned earlier?
 

Similar Topics

I
Vulnerability found in Siemens PLCs
Security searchers have found a security flaw with an hardcoded private key. Basically it affects every S7-1200 and S7-1500 CPU version before...
Replies
0
Views
771
Iner
I
J
Rockwell Vulnerability
Here we are on the fools day. Many smart readers here should be aware of these newly discover vulnerabilities...
Replies
3
Views
1,977
L33er
L33er
TheWaterboy
Vulnerability monitoring options for PLC network
Though I am resistant, I am getting pressure to install some sort of vulnerability monitoring on the PLC network so that reports can be generated...
2
Replies
16
Views
5,104
harryting
H
K
SCADA Network Vulnerability Scanning Tool
I'm looking for a toolkit / software to scan a network for vulnerabilities. One time scan, just to see the most obvious holes in their network...
Replies
5
Views
1,845
NetNathan
N
the_msp
Rockwell security vulnerability
I saw a post over on IA; https://forum.inductiveautomation.com/t/new-rockwell-security-vulnerability-a-solid-10-out-of-10/43904 Didn't see one...
Replies
13
Views
3,210
mk42
M
Back
Top Bottom