QID 590350
Date Published: 2022-06-23
QID 590350: Rockwell Automation Allen-Bradley Stratix and Allen-Bradley ArmorStratix Vulnerability (ICSA-17-094-03)
AFFECTED PRODUCTS
The following versions of the Allen-Bradley Stratix and ArmorStratix Industrial Ethernet and Distribution switches are affected:
Allen-Bradley Stratix 5400 Industrial Ethernet Switches, All Versions 15.2(5)EA.fc4 and earlier,
Allen-Bradley Stratix 5410 Industrial Distribution Switches, All Versions 15.2(5)EA.fc4 and earlier,
Allen-Bradley Stratix 5700 and ArmorStratix 5700 Industrial Managed Ethernet Switches, All Versions 15.2(5)EA.fc4 and earlier,
Allen-Bradley Stratix 8000 Modular Managed Industrial Ethernet Switches, All Versions 15.2(5)EA.fc4 and earlier, and
Allen-Bradley Stratix 8300 Modular Managed Industrial Ethernet Switches, All Versions 15.2(4a)EA5 and earlier.
QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of Rockwell using registry "HKLM\SOFTWARE\Rockwell Software"
Successful exploitation of this vulnerability may allow a remote attacker to impact the availability of the target device or to execute arbitrary code with elevated privileges.
Customers are advised to refer to CERT MITIGATIONS section ICSA-17-094-03 for affected packages and patching details.
- ICSA-17-094-03 -
www.us-cert.gov/ics/advisories/ICSA-17-094-03
CVEs related to QID 590350
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| ICSA-17-094-03 |
www.us-cert.gov/ics/advisories/ICSA-17-094-03 |