Document ID:
PN1624
Version:
1.0
Impact Level:
Critical
Vulnerability ID's:
CVE-2023-1834
Product ID's:
2198 Kinetix 5500 Drive
Summary
Open Ports Vulnerability in Kinetix 5500 EtherNet/IP Servo Drive
Revision History
Revision Number
1.0
Revision History
Version 1.0 - May 11, 2023
Affected Products
Affected Product | First Known in Firmware Revision | Corrected in Firmware Revision |
Kinetix 5500 manufactured between May 2022 and January 2023 *The manufacturing date of the drive is stated on the product label. | v7.13 | Customers should upgrade to versions v7.14 or later to close the ports, which mitigates this issue. |
Vulnerability Details
Rockwell Automation used the latest version of the CVSS scoring system to assess the following vulnerabilities.
CVE-2023-1834 IMPACT
Rockwell Automation was made aware that Kinetix® 5500 drives, manufactured between May 2022 and January 2023, and are running v7.13 may have the telnet and FTP ports open by default.
Known Exploited Vulnerability (KEV) database:
Customers can use Stakeholder-Specific Vulnerability Categorization to generate more environment specific prioritization.
CVE-2023-1834 IMPACT
Rockwell Automation was made aware that Kinetix® 5500 drives, manufactured between May 2022 and January 2023, and are running v7.13 may have the telnet and FTP ports open by default.
CVSS Base Score: 9.4/10
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
CWE: CWE 284 Improper Access Control
Known Exploited Vulnerability (KEV) database:
No
Customers can use Stakeholder-Specific Vulnerability Categorization to generate more environment specific prioritization.
Risk Mitigation & User Action
Customers using the affected drives are encouraged to apply the risk mitigations, if possible. Additionally, we encourage customer to implement our suggested security best practices to minimize risk of the vulnerability.
- Upgrade to v7.14
- QA43240 - Recommended Security Guidelines from Rockwell Automation
Copyright ©2022 Rockwell Automation, Inc.