Rockwell Automation Lifecycle Services with Cisco

Source: All CISA Advisories | Added:

Rockwell Automation has reported a stack-based buffer overflow vulnerability in their Lifecycle Services with Cisco, which could allow low-privileged attackers to cause denial-of-service conditions or high-privileged attackers to execute arbitrary code. The vulnerability affects various products using Cisco IOS XE Software, posing significant security risks to industrial data centers.

Impact: Industrial Data Center (IDC) with Cisco Switching, IDC-Managed Support contract with Cisco Switching, Network-Managed Support contract with Cisco network switch, Firewall-Managed Support contract with Cisco firewall

In the Wild: No

Age: Newly disclosed

Remediation: Contact Rockwell Automation for remediation; apply security best practices.

Read Full Original Article →