Minimize network exposure for all control system devices and/or systems and ensure that they are not accessible from the Internet.Use trusted software, software patches, antivirus/antimalware programs and interact only with trusted websites and attachments.Rockwell Automation recommends the following general mitigations:
Ensure the least-privilege user principle is followed, and user/service account access to shared resources (such as a database) is only granted with a minimum number of rights as needed.Information on using AppLocker with Rockwell Automation products is available at Knowledgebase Article ID 546989 Use of Microsoft AppLocker or other similar allow list application can help mitigate risk.Run all software as user, not as an administrator, to minimize the impact of malicious code on the infected system.Rockwell Automation recommends the following software/PC-based mitigation strategies when running the affected products on a PC: Rockwell Automation recommends users apply the latest update: COMPANY HEADQUARTERS LOCATION: United StatesĬlaroty and Cognite reported this vulnerability to Rockwell Automation.CRITICAL INFRASTRUCTURE SECTORS: Food and Agriculture, Transportation Systems, Water and Wastewater Systems.A CVSS v3 base score of 7.5 has been calculated the CVSS vector string is ( AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H).
Equipment: DriveTools SP and Drives AOP.
0 kommentar(er)
