The NCCIC/ICS-CERT has released an advisory on vulnerabilities in Rockwelll Automation Stratix Services Router. Allen-Bradley Stratix 5900 Services Router, versions 15.6.3M1 and earlier, are affected. Successful exploitation of these vulnerabilities could result in loss of availability, confidentiality, and/or integrity caused by memory exhaustion, module restart, information corruption, and/or information exposure. Rockwell Automation has released knowledge base article 1073313. Additionally, Cisco has released Snort Rules 46110 and 46111 to help address CVE-2018-0158 and CVE-2018-0151. The NCCIC/ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!