Rockwell Automation has determined this vulnerability cannot be mitigated with a patch. Rockwell encourages users to combine its specific risk mitigation recommendations with general security guidelines for a comprehensive defense-in-depth strategy.

A comprehensive defense-in-depth strategy can reduce the risk of this vulnerability. To reduce risk, Rockwell recommends users ensure they are employing proper network segmentation and security controls including, but not limited to:

- Restricting or blocking traffic on TCP 44818 from outside of the industrial control system network zone.
- Locating control system networks and devices behind firewalls and isolating them from the enterprise/business network.
- Minimizing network exposure for all control system devices and/or systems and confirming these devices are not accessible from the Internet.
- When remote access is required, using secure methods such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. A VPN is only as secure as the connected devices.

For more information on the TCP/UDP ports used by Rockwell Automation products, see BF7490 (login required). Users should refer to the Converged Plantwide Ethernet (CPwE) Design and Implementation Guide for best practices for deploying network segmentation, as well as broader defense-in-depth strategies.
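One way to check flow records against the segmentation recommendations above, as an added example that is not part of the advisory or any Rockwell tooling. The zone subnets, the `src,dst,proto,port` record layout and the sample flows are constructed assumptions; substitute your own zone definitions and firewall or NetFlow export.

```python
import ipaddress

# Assumed zone layout for illustration only; replace with your own subnets.
ICS_ZONE = [ipaddress.ip_network("10.20.0.0/16")]
ENTERPRISE_ZONE = [ipaddress.ip_network("10.0.0.0/8")]
RESTRICTED_TCP_PORT = 44818  # port the advisory says to restrict from outside the ICS zone

# Constructed sample flow records: src_ip,dst_ip,protocol,dst_port
SAMPLE_FLOWS = """\
10.20.1.15,10.20.3.7,tcp,44818
10.50.4.22,10.20.3.7,tcp,44818
203.0.113.9,10.20.3.7,tcp,44818
10.20.3.7,198.51.100.4,tcp,443
10.50.4.22,10.20.3.7,udp,44818
10.50.4.22,10.50.9.1,tcp,44818
"""

def zone_of(addr):
    """Classify an address; the ICS zone is checked first because it sits inside 10.0.0.0/8."""
    if any(addr in net for net in ICS_ZONE):
        return "ics"
    if any(addr in net for net in ENTERPRISE_ZONE):
        return "enterprise"
    return "external"

def audit_flows(text):
    """Return (line_number, finding, raw_line) for flows that cross the ICS zone boundary."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            src_s, dst_s, proto, port_s = [f.strip() for f in line.split(",")]
            src_zone = zone_of(ipaddress.ip_address(src_s))
            dst_zone = zone_of(ipaddress.ip_address(dst_s))
            port = int(port_s)
        except ValueError:
            findings.append((lineno, "unparseable-record", line))
            continue
        if (dst_zone == "ics" and src_zone != "ics"
                and proto.lower() == "tcp" and port == RESTRICTED_TCP_PORT):
            # TCP 44818 reaching the ICS zone from outside it
            findings.append((lineno, "tcp44818-from-" + src_zone, line))
        elif "ics" in (src_zone, dst_zone) and "external" in (src_zone, dst_zone):
            # Any direct flow between an ICS device and a non-enterprise address
            findings.append((lineno, "ics-external-flow", line))
    return findings

if __name__ == "__main__":
    for lineno, finding, raw in audit_flows(SAMPLE_FLOWS):
        print(f"line {lineno}: {finding}: {raw}")
```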