Open Ports Vulnerability in Kinetix 5500 EtherNet/IP Servo Drive

Affected Products

Affected Product	First Known in Firmware Revision	Corrected in Firmware Revision
Kinetix 5500 manufactured between May 2022 and January 2023 *The manufacturing date of the drive is stated on the product label.	v7.13	Customers should upgrade to versions v7.14 or later to close the ports, which mitigates this issue.

Vulnerability Details

Rockwell Automation used the latest version of the CVSS scoring system to assess the following vulnerabilities.

CVE-2023-1834 IMPACT
Rockwell Automation was made aware that Kinetix® 5500 drives, manufactured between May 2022 and January 2023, and are running v7.13 may have the telnet and FTP ports open by default.

CVSS Base Score: 9.4/10
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
CWE: CWE 284 Improper Access Control

Known Exploited Vulnerability (KEV) database: No

Customers can use Stakeholder-Specific Vulnerability Categorization to generate more environment specific prioritization.

Risk Mitigation & User Action

Customers using the affected drives are encouraged to apply the risk mitigations, if possible. Additionally, we encourage customer to implement our suggested security best practices to minimize risk of the vulnerability.

• Upgrade to v7.14
• QA43240 - Recommended Security Guidelines from Rockwell Automation

Additional Resources

• CVE-2023-1834 JSON