Allen-Bradley Stratix and ArmorStratix

Multiple vulnerabilities in Cisco IOS and IOS XE software affect some of Rockwell Automation’s Allen-Bradley Stratix and ArmorStratix industrial Ethernet switches. The switches, used in critical manufacturing, energy, and water sectors globally, use the Cisco software to securely integrate with enterprise networks. The Cisco IOS and IOS XE vulnerabilities affect Stratix 5400, 5410, 5700, and 8000 devices running firmware versions 15.2(5)EA.fc4 and earlier, Stratix 5900 version 15.6(3)M1 and earlier, Stratix 8300 versions 15.2(4)EA and earlier, and ArmorStratix 5700 versions 15.2(5)EA.fc4 and earlier. Successful exploitation of these vulnerabilities could allow a remote, unauthenticated threat actor to execute code, reload the device, and take control of the affected system.

The NJCCIC recommends that all users and administrators of the affected products review the ICS-CERT advisory and the Cisco Security Advisory. Users and administrators of Stratix 8300 are advised to update to version 15.2(4a)EA5. Until patches are available, users and administrators of the other affected products are advised to disable specific management information bases (MIBs), use strong SNMP credentials, use firewalls to prevent unauthorized SNMP requests, and use the Snort rules in the Cisco Advisory to detect exploits.
