PN649 | ControlLogix 1756-EWEB Enhanced Web Server Firmware Upgrade Security Vulnerability

Introduction

Description

June 15, 2011 - Version 1.0

Rockwell Automation has identified a security vulnerability in the firmware upgrade process employed by the ControlLogix 1756-EWEB Series A Enhanced Web Server Module (the "Product"). Details of this vulnerability are as follows:

The potential exists for the Product to accept an altered or corrupted firmware image during its upgrade process that may render the Product inoperable or change its otherwise normal operation.

The results from an attacker’s successful exploitation of this vulnerability could include Denial of Service (DoS) to the Product, loss of Product availability and disruption to both Product and system operation. In an extreme case, successful exploitation could result in a potential misrepresentation of data or a repurposing of the Product for other malicious activities.

To help reduce the likelihood of exploitation and associated security risk, Rockwell Automation recommends the following mitigation strategies. When possible, multiple strategies should be employed simultaneously:

1. Obtain product firmware only from trusted manufacturer sources.
   
2. Employ layered security and defense-in-depth methods in system design to restrict and control access to individual products and ControlNetworks. Refer to http://www.ab.com/networks/architectures.html for comprehensive information about implementing validated architectures designed to deliver these measures.
   
3. Restrict physical and electronic access to automation products, networks and systems to only those individuals authorized to be in contact with control system equipment and perform product firmware upgrades to that equipment.
   
4. Block all traffic to the EtherNet/IP or other CIP protocol based devices from outside the Manufacturing Zone by restricting or blocking access to TCP and UDP Port# 2222 and Port# 44818 using appropriate security technology (E.g. a firewall, UTM devices, or other security appliance).

In addition to these mitigation strategies, Rockwell Automation continues to investigate and evaluate other strategies such as product and system-level techniques and functional enhancements to verify the authenticity of firmware updates and help reduce the likelihood of file tampering.

For more information and for assistance with assessing the state of security of your existing control system, including improving your system-level security when using Rockwell Automation and other vendor controls products, you can visit the Rockwell Automation Security Solutions web site at http://www.rockwellautomation.com/solutions/security.

KCS Status