The Cybersecurity and Infrastructure Security Agency (CISA) published 14 advisories, pointing out critical vulnerabilities in important industrial sector products.In its Sept. 9 alert, CISA identified multiple bugs in Rockwell Automation products, including ThinManager, Stratix IOS, FactoryTalk Optix, and Rockwell’s ControlLogix and CompactLogix controllers. CISA also pointed out flaws in ABBs Aspect, Nexus, and Matrix devices.Security pros viewed the advisory as important because it continued CISAs promise in the Trump era to focus on critical infrastructure.Agnidipta Sarkar, chief evangelist at ColorTokens, said that based on the nature of ThinManager and Rockwell Automation's industrial customer base, multiple critical infrastructure sectors could be affected. Sarkar said OT leaders and CISOs in organizations using these affected systems must immediately upgrade ThinManager version 14.1. “In my opinion, time is of the essence, and those who cannot upgrade must immediately use non-intrusive micro-segmentation products that can immediately manage to reduce unauthorized access and lateral movement into these systems,” said Sarkar. “Organizations with large-scale deployments must utilize micro-segmentation platforms that offer a single management capability across OT, IT, and the cloud and can integrate with other cybersecurity tools like EDR. Where possible, they should consider upgrading authentication capabilities with passwordless digital certificate-based technology, so that credential stuffing becomes impossible.”Lawrence Pingree, technology evangelist at Dispersive.io, added that the reason many of these vulnerabilities are critical is that these OT remote services and service accounts are often granted privileges similar to administrators with higher privileges to run tasks like to administrate users, authenticate them, or other permissions. Pingree said in OT environments, patching is difficult or sometimes impossible because of the physical or logical separations of networks and often the age of these devices.“It's important that if the team cannot patch, ideally they should completely isolate and control all the traffic in OT networks,” said Pingree. “Micro-segmentation and being able to address quantum encryption through overlay attack surface elimination is crucial. The real scariest part of OT is that often these devices control the physical realm, meaning tampering could cause safety issues, human harm or death.”
Critical Infrastructure Security, Vulnerability Management, Exposure management, Application security
CISA flags critical flaws in Rockwell Automation, ABB products
(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds