The global site of the UK's leading magazine for automation, motion engineering and power transmission
28 March, 2024

Rockwell patch fixes potential security problem
Published:  14 June, 2011

Rockwell Automation has issued a software patch to fix a potential security vulnerability in its Electronic Data Sheet (EDS) Hardware Installation Tool, which comes bundled with RSLinx Classic, described by the company as the most widely installed communication server for automation.

An attacker could exploit the vulnerability by tricking a user into opening an EDS file designed to cause the installation tool to crash, leading to the possible execution of arbitrary code which could subvert other security services.

The US Government’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) says that the buffer overflow vulnerability is “likely exploitable”, but adds that it would require “significant user interaction”. Attackers cannot initiate an exploit from a remote machine, and the exploit is triggered only when a local user runs the vulnerable application and loads the malformed EDS file.

ICS-CERT is not aware of any exploits specifically targeting the vulnerability. “Crafting a working exploit for this vulnerability would be difficult,” it says. “Social engineering is required to convince the user to accept the malformed EDS file. Additional user interaction is needed to load the malformed file. This decreases the likelihood of a successful exploit.”

Rockwell’s patch (Patch Aid 276774) can be downloaded from its Web site by registered users. It has been verified by the CERT Coordination Center, which originally identified the vulnerability.

Rockwell also recommends that concerned users take the following steps to mitigate the risk associated with the vulnerability:
•  restrict physical access to any computer running the software tool;
•  establish policies and procedures so that only authorised personnel have administrative rights on the computer; and
•  obtain EDS product files only from trusted sources, such as product vendors.

RSLinx Classic provides plant-floor device connections for a variety of Rockwell Software applications, including RSLogix 5/500/5000 and RSView32. It also provides open interfaces for third-party HMI, data collection and analysis packages, and custom client applications.

The vulnerability affects all versions of the EDS Hardware Installation Tool up to 1.3.0.1. The tool is designed to parse EDS files containing product-specific information used to register a device on a network.
