"Rockwell Automation Urges Customers to Disconnect ICS From Internet"

Rockwell Automation has recently issued a security notice urging customers to ensure that their industrial control systems (ICS) are not connected to the internet and exposed to cyber threats. The company has told customers to take "immediate" action and check whether any devices that are not specifically designed for public connectivity are exposed to the web. Rockwell's advisory highlights several vulnerabilities found and patched in recent years, including CVE-2021-22681, CVE-2022-1159, CVE-2023-3595 and CVE-2023-3596, CVE-2023-46290, CVE-2024-21914, CVE-2024-21915, and CVE-2024-21917.  The company noted that these flaws could allow hackers to conduct DoS attacks, escalate privileges, modify settings, remotely compromise PLCs, and even conduct Stuxnet-style attacks. The company says that removing industrial control systems from being connected to the internet is a proactive step that reduces the attack surface and can immediately reduce exposure to unauthorized and malicious cyber activity from external threat actors. CISA has also posted an alert to bring attention to Rockwell's notice. 

SecurityWeek reports: "Rockwell Automation Urges Customers to Disconnect ICS From Internet"