Denial of Service Vulnerability in Rockwell Automation PowerFlex 525 AC Drives

Denial of Service Vulnerability in Rockwell Automation PowerFlex 525 AC Drives

CVE-2018-19282 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Rockwell Automation PowerFlex 525 AC Drives 5.001 and earlier allow remote attackers to cause a denial of service by crashing the Common Industrial Protocol (CIP) network stack. The vulnerability allows the attacker to crash the CIP in a way that it does not accept new connections, but keeps the current connections active, which can prevent legitimate users from recovering control.

Learn more about our Industrial Pen Testing.