All advisories
CriticalPublished 2024-01-09 · 2h ago

ICSA-24-009-01 · CVE-2024-21912

CompactLogix unauthenticated firmware overwrite

A flaw in the firmware update routine allows unauthenticated attackers on the local subnet to overwrite controller firmware over CIP, leading to denial of process and remote code execution.

Mitigations

  1. 01Upgrade to firmware ≥ 33.012
  2. 02Restrict CIP traffic to engineering workstations only
  3. 03Place controllers in a Level 1 zone with a single conduit to Level 2