A vulnerability has been discovered in certain versions of MicroLogix 1400 ™ controllers and 1756 ControlLogix® Ethernet/IP Communication modules, which could potentially allow an IP configuration change to occur even when the controller keyswitch is set to Hard Run.
A remote, unauthenticated attacker could request a connection with an affected module and then send an IP configuration change request, which may result in a halt of Ethernet/IP traffic between the affected device and the rest of the system.
This Product Notice informs customers of a required firmware update for Trusted® T8111C TMR Processor Modules shipped with firmware release O10. Customers are advised to update to firmware version O11 or later. Details, including corrective actions, may be found on the Rockwell Automation Knowledgebase Article ID 1075973. Contact the Rockwell Automation Product Safety Group at firstname.lastname@example.org.
Vulnerabilities have been discovered in certain software components of FactoryTalk® Services Platform that may cause a Denial of Service due resource exhaustion. A remote, unauthenticated threat actor could utilize this vulnerability to send a series of crafted packets to the affected ports. As of this announcement and to the current knowledge of Rockwell Automation, there is no publicly available exploit code relating to this vulnerability.
This Product Safety Advisory informs you of a potential anomaly that exists with the Trusted T8111 TMR Processor Module. When used in a dual processor redundant configuration with a second T8111 processor module or a T8110 processor module, the Active processor may go into its shutdown state with the second Standby module not becoming Active. This is due to the Active / Standby link between the two processors becoming synchronized, causing interference with the diagnostics. This may result in a full system shutdown.