Multiple Broken Authentication security issues exist in the affected product. The security issues are due to missing authentication checks on critical functions. These could result in potential denial-of-service, admin account takeover, or NAT rule modifications. Devices would no longer be able to communicate through NATR as a result of denial-of-service or NAT rule modifications. NAT rule modification could also result in device communication to incorrect endpoints. Admin account takeover could allow modification of configuration and require physical access to restore.
The vulnerabilities result from the lack of authentication mechanisms (CWE-306) protecting critical device functions. An unauthenticated attacker can remotely invoke these functions directly without providing any credentials. As a result, it is possible to take over the administrator account, modify network address translation (NAT) rules, or cause the device to enter a denial-of-service state. Modification of NAT rules can redirect network traffic to incorrect endpoints, disrupting communication of industrial devices.
An attacker can completely take over the administrator account and change device configuration, block communication through NATR via denial-of-service, or redirect network traffic to unauthorized endpoints. Restoring the device after administrator account takeover may require physical access to the hardware.
Patches available from the manufacturer should be applied in accordance with the references — details in the Rockwell Automation security bulletin SD1756 available at: https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1756.html
Rockwell Automation 1783-NATR and 1783-NATR firmware — versions indicated in the manufacturer's references
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XRockwellautomation 1783 Natr
HWRockwellautomationwszystkie wersjeRockwellautomation 1783 Natr Firmware
OSRockwellautomation< 1.007
Related vulnerabilities
A Stored Cross-Site Scripting security issue exists in the affected product that could potentially allow a mal...
A cross-site request forgery security issue exists in the product and version listed. The vulnerability stems ...
Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in...
Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 ...
Słabe szyfrowanie haseł w Rockwell Automation FactoryTalk AssetCentre