Vulnerability Discovered in PowerFlex AC Drives Used in ICS

A vulnerability was recently discovered in Allen-Bradley PowerFlex 525 AC drives manufactured by Rockwell Automation. These drives are used in Industrial Control Systems (ICS), managed by Supervisory Control and Data Acquisition (SCADA) systems, primarily to run pumps, fans, and conveyors. Applied Risk researcher Nicolas Merle discovered the flaw, which lies in the PowerFlex 525 drive itself and allows a Denial of Service (DoS) attack by crashing the drive's Common Industrial Protocol (CIP) stack. Exploitation interrupts the software managing the drive and denies access to legitimate users; the attacker, however, can continue to send commands to the drive, such as changing its speed or starting and stopping it. Access is only restored by power-cycling the drive. There is no evidence of this vulnerability being exploited at the time of this writing. The vulnerability has been validated on software version 5.001, though older versions may also be affected. The NJCCIC advises industrial organizations to patch affected drives as updates become available. For further information, please review Applied Risk's advisory and SecurityWeek's blog post.
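The practical first step for an asset owner is finding which drives on the plant network are PowerFlex 525 units and which software version they run. The following is an added example, not code from the advisory, Applied Risk, or Rockwell: it builds the standard EtherNet/IP ListIdentity request that CIP devices answer on port 44818, parses the identity reply to extract vendor, product name and revision, and flags PowerFlex 525 drives at or below the version the advisory names. A drive that stops answering this probe after previously responding shows the symptom described above (a crashed CIP stack), though the same silence also results from a firewall or wrong address. The sample reply is constructed for the test; the product-name match string, the mapping of the displayed version "5.001" to revision bytes (5, 1), and the device type and product code in the sample are assumptions.

```python
"""EtherNet/IP ListIdentity probe for inventorying CIP devices (added example)."""
import socket
import struct
from typing import Optional

ENIP_PORT = 44818
CMD_LIST_IDENTITY = 0x0063      # encapsulation command code for ListIdentity
ITEM_LIST_IDENTITY = 0x000C     # CPF item type carrying the identity object
ROCKWELL_VENDOR_ID = 1          # ODVA vendor ID of Rockwell Automation
ENCAP_HDR = "<HHII8sI"          # command, length, session, status, context, options
IDENT_FIELDS = "<HHHBBHIB"      # vendor, device type, product code, rev major/minor,
                                # status, serial, product-name length


def build_list_identity_request() -> bytes:
    # 24-byte encapsulation header with no payload; session handle is 0 for ListIdentity.
    return struct.pack(ENCAP_HDR, CMD_LIST_IDENTITY, 0, 0, 0, b"\x00" * 8, 0)


def parse_list_identity_response(data: bytes) -> dict:
    cmd, length, _session, status, _ctx, _opts = struct.unpack_from(ENCAP_HDR, data, 0)
    if cmd != CMD_LIST_IDENTITY or status != 0:
        raise ValueError(f"unexpected command {cmd:#06x} or status {status:#x}")
    body = data[24:24 + length]
    (item_count,) = struct.unpack_from("<H", body, 0)
    if item_count < 1:
        raise ValueError("no identity items in response")
    item_type, item_len = struct.unpack_from("<HH", body, 2)
    if item_type != ITEM_LIST_IDENTITY:
        raise ValueError(f"unexpected item type {item_type:#06x}")
    item = body[6:6 + item_len]
    # Item layout: encapsulation version (2), socket address (16, big-endian
    # family/port/addr plus 8 zero bytes), then the identity fields, the
    # product name (length-prefixed) and a one-byte device state.
    (encap_version,) = struct.unpack_from("<H", item, 0)
    _family, _port, sin_addr = struct.unpack_from(">HH4s", item, 2)
    vendor, dev_type, product_code, rev_major, rev_minor, dev_status, serial, name_len = \
        struct.unpack_from(IDENT_FIELDS, item, 18)
    name_off = 18 + struct.calcsize(IDENT_FIELDS)
    name = item[name_off:name_off + name_len].decode("ascii", errors="replace")
    state = item[name_off + name_len]
    return {
        "encap_version": encap_version, "ip": socket.inet_ntoa(sin_addr),
        "vendor_id": vendor, "device_type": dev_type, "product_code": product_code,
        "rev_major": rev_major, "rev_minor": rev_minor, "status": dev_status,
        "serial": serial, "product_name": name, "state": state,
    }


def is_potentially_affected(identity: dict, advisory_rev=(5, 1)) -> bool:
    # The advisory validated the crash on 5.001 and says older versions may also be
    # affected, so flag PowerFlex 525 drives at or below that revision. Newer
    # firmware is not cleared by this check; confirm against vendor release notes.
    # Assumptions: the name contains "PowerFlex 525"; 5.001 is revision bytes (5, 1).
    if identity["vendor_id"] != ROCKWELL_VENDOR_ID:
        return False
    if "PowerFlex 525" not in identity["product_name"]:
        return False
    return (identity["rev_major"], identity["rev_minor"]) <= advisory_rev


def probe(host: str, timeout: float = 2.0) -> Optional[dict]:
    # Sends one ListIdentity over UDP; None means nothing answered in time.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_list_identity_request(), (host, ENIP_PORT))
        try:
            data, _ = s.recvfrom(4096)
        except socket.timeout:
            return None
    return parse_list_identity_response(data)


def make_sample_response(name: bytes = b"PowerFlex 525", rev=(5, 1),
                         vendor: int = ROCKWELL_VENDOR_ID) -> bytes:
    # Constructed reply for offline testing; device type 0x02 is the CIP "AC Drive"
    # profile, the product code and serial number are made up.
    item = struct.pack("<H", 1)
    item += struct.pack(">HH4s8s", 2, ENIP_PORT, bytes([192, 0, 2, 10]), b"\x00" * 8)
    item += struct.pack(IDENT_FIELDS, vendor, 0x02, 0x1234, rev[0], rev[1],
                        0x0030, 0x00C0FFEE, len(name))
    item += name + b"\x03"
    body = struct.pack("<HHH", 1, ITEM_LIST_IDENTITY, len(item)) + item
    return struct.pack(ENCAP_HDR, CMD_LIST_IDENTITY, len(body), 0, 0, b"\x00" * 8, 0) + body


if __name__ == "__main__":
    ident = parse_list_identity_response(make_sample_response())
    print(ident["product_name"], f'{ident["rev_major"]}.{ident["rev_minor"]:03d}',
          "potentially affected" if is_potentially_affected(ident) else "not flagged")
```

Run `probe()` against each drive address from a host that is permitted to talk to the control network; keep the timeout short and poll no faster than the plant's own HMI does, since the advisory concerns a stack that crashes under hostile traffic and an inventory scan should not become the trigger.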

Tags: Advisory, NJCCIC, SCADA, DoS