Critical Infrastructure Security

Critical Vulnerabilities Found in Rockwell PanelView Plus

Microsoft Uncovers Critical Flaws in Rockwell PanelView Plus
Critical Vulnerabilities Found in Rockwell PanelView Plus
Image: Shutterstock

Microsoft has disclosed critical vulnerabilities in Rockwell Automation's PanelView Plus products that could enable remote code execution and denial-of-service attacks by unauthenticated attackers.

The two security flaws enable hackers to execute code remotely or can lead to information disclosure or a DoS condition.

See Also: How to Take the Complexity Out of Cybersecurity

PanelView Plus is a family of touchscreen human-machine interfaces from Rockwell Automation used for monitoring and controlling industrial processes.

The twin vulnerabilities are tracked as CVE-2023-2071, a remote code execution vulnerability with a CVSS score of 9.8, and a denial-of-service flaw tracked as CVE-2023-29464 with a CVSS score of 8.2.

Microsoft's Defender for IoT research team discovered the vulnerabilities in May and July 2023, while analyzing Common Industrial Protocol communications between two devices. Two devices were communicating using the common industrial protocol, however researchers noticed a lack of encryption and a lack of prior authentication.

The vulnerabilities have not been confirmed to be actively exploited.

Microsoft coordinated with Rockwell Automation through its Security Vulnerability Research program, leading to the release of security patches in September and October 2023.

The patches address these vulnerabilities in FactoryTalk View ME v12/v13 and FactoryTalk Linx v6.20/v6.30 on PanelView Plus.

Organizations are advised to disconnect critical devices from the internet, segment their networks, and restrict access to CIP devices. Microsoft also released a tool for scanning and investigating Rockwell Rslogix devices, available on GitHub.

Microsoft Defender for IoT provides detection and classification of devices using CIP, alerts on unauthorized access, and raises alerts if attempts are made to exploit these vulnerabilities.


About the Author

Prajeet Nair

Prajeet Nair

Assistant Editor, Global News Desk, ISMG

Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.