Rockwell Automation Lifecycle Services with VMware

Source: All CISA Advisories | Added:

Rockwell Automation has reported several critical vulnerabilities in their Lifecycle Services with VMware, which could lead to code execution on the host or memory leakage. The vulnerabilities are associated with out-of-bounds writes and the use of uninitialized resources, affecting various products including Industrial Data Center and Threat Detection Managed Services.

Impact: Industrial Data Center (IDC) with VMware, VersaVirtual Appliance (VVA) with VMware, Threat Detection Managed Services (TDMS) with VMware, Endpoint Protection Service with Rockwell Automation Proxy & VMware, Engineered and Integrated Solutions with VMware

In the Wild: No

Age: Newly disclosed

Remediation: Rockwell Automation will contact impacted users for remediation; users without contracts should refer to Broadcom's advisories and apply security best practices.

CVE VMware Vulnerability Patch Update

Read Full Original Article →