Rockwell Automation: Disconnect OT Devices with Public-Facing Internet Access, Patch or Mitigate Logix, FactoryTalk CVEs | allinfosecnews.com

June 5, 2024, 10:18 p.m. | Satnam Narang, Jeff Rotberg

Cyber Exposure Alerts www.tenable.com

An advisory from Rockwell Automation reiterates the importance of disconnecting operational technology devices with public-facing internet access and patching and mitigating systems vulnerable to several flaws.

Background

On May 21, Rockwell Automation published an advisory (SD1672) to provide guidance to customers on best practices to protect operational technology (OT) devices.

Details

For over a decade, reports have shown that OT devices, including controllers, HMI’s (Human Machine Interfaces) and Supervisory Control and Data Acquisition (SCADA) devices, have been at risk of …

access advisory automation best practices customers cves devices facing flaws guidance internet internet access may operational operational technology ot devices patch patching practices protect public rockwell rockwell automation systems technology vulnerable

More from www.tenable.com / Cyber Exposure Alerts

CVE-2024-5806: Progress MOVEit Transfer Authentication Bypass Vulnerability 3 days, 18 hours ago | www.tenable.com

advisory authentication authentication bypass bypass +27

CVE-2024-28995: SolarWinds Serv-U Path/Directory Traversal Vulnerability Exploited in the Wild 1 week ago | www.tenable.com

advisory automated concept cve +33

Microsoft’s June 2024 Patch Tuesday Addresses 49 CVEs 2 weeks, 3 days ago | www.tenable.com

CVE-2024-4577: Proof of Concept Available for PHP-CGI Argument Injection Vulnerability 3 weeks ago | www.tenable.com

Rockwell Automation: Disconnect OT Devices with Public-Facing Internet Access, Patch or Mitigate Logix, FactoryTalk CVEs 3 weeks, 2 days ago | www.tenable.com

access advisory automation best practices +22

CVE-2024-4358, CVE-2024-1800: Exploit Code Available for Critical Exploit Chain in Progress Telerik Report Server 3 weeks, 4 days ago | www.tenable.com

These Services Shall Not Pass: Abusing Service Tags to Bypass Azure Firewall Rules (Customer Action … 3 weeks, 5 days ago | www.tenable.com

abusing action attention azure +16

CVE-2024-24919: Check Point Security Gateway Information Disclosure Zero-Day Exploited in the Wild 4 weeks, 2 days ago | www.tenable.com

Microsoft’s May 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-30051, CVE-2024-30040) 1 month, 2 weeks ago | www.tenable.com

addresses critical critical vulnerability cve +15

Watch Officer and Operations Officer

@ Interclypse | Arlington, VA, US

View on infosec-jobs.com

Sales Development Representative

@ Devo | United States

View on infosec-jobs.com

Principal Software Engineer

@ Oracle | Seattle, WA, United States

View on infosec-jobs.com

Engineering Manager, Cloud - TDIR (Remote)

@ CrowdStrike | USA CA Remote

View on infosec-jobs.com

Linux System Administrator II

@ Peraton | Fort Meade, MD, United States

View on infosec-jobs.com

Linux System Administrator

@ Peraton | Fort Meade, MD, United States

View on infosec-jobs.com