发布日期：2019-04-30
更新日期：2019-05-05

受影响系统：

Rockwell Automation ControlLogix 5370 L3 30.014
Rockwell Automation ControlLogix 5370 L3 30.012
Rockwell Automation ControlLogix 5370 L3 30.011
Rockwell Automation ControlLogix 5370 L3 29.011
Rockwell Automation ControlLogix 5370 L3 28.012
Rockwell Automation ControlLogix 5370 L3 28.011
Rockwell Automation ControlLogix 5370 L3 27.011
Rockwell Automation ControlLogix 5370 L3 26.013
Rockwell Automation ControlLogix 5370 L3 26.012
Rockwell Automation ControlLogix 5370 L3 24.013
Rockwell Automation ControlLogix 5370 L3 24.011
Rockwell Automation ControlLogix 5370 L3 23.012
Rockwell Automation ControlLogix 5370 L3 23.011
Rockwell Automation ControlLogix 5370 L3 21.011
Rockwell Automation ControlLogix 5370 L3 20.019
Rockwell Automation ControlLogix 5370 L3 20.018
Rockwell Automation ControlLogix 5370 L3 20.014
Rockwell Automation ControlLogix 5370 L3 20.013
Rockwell Automation ControlLogix 5370 L3 20.012
Rockwell Automation ControlLogix 5370 L3 20.011
Rockwell Automation ControlLogix 5370 L2 30.014
Rockwell Automation ControlLogix 5370 L2 30.012
Rockwell Automation ControlLogix 5370 L2 30.011
Rockwell Automation ControlLogix 5370 L2 29.011
Rockwell Automation ControlLogix 5370 L2 28.012
Rockwell Automation ControlLogix 5370 L2 28.011
Rockwell Automation ControlLogix 5370 L2 27.011
Rockwell Automation ControlLogix 5370 L2 26.013
Rockwell Automation ControlLogix 5370 L2 26.012
Rockwell Automation ControlLogix 5370 L2 24.013
Rockwell Automation ControlLogix 5370 L2 24.011
Rockwell Automation ControlLogix 5370 L2 23.012
Rockwell Automation ControlLogix 5370 L2 23.011
Rockwell Automation ControlLogix 5370 L2 21.011
Rockwell Automation ControlLogix 5370 L2 20.019
Rockwell Automation ControlLogix 5370 L2 20.018
Rockwell Automation ControlLogix 5370 L2 20.014
Rockwell Automation ControlLogix 5370 L2 20.013
Rockwell Automation ControlLogix 5370 L2 20.012
Rockwell Automation ControlLogix 5370 L1 30.014
Rockwell Automation ControlLogix 5370 L1 30.012
Rockwell Automation ControlLogix 5370 L1 30.011
Rockwell Automation ControlLogix 5370 L1 29.011
Rockwell Automation ControlLogix 5370 L1 28.012
Rockwell Automation ControlLogix 5370 L1 28.011
Rockwell Automation ControlLogix 5370 L1 27.011
Rockwell Automation ControlLogix 5370 L1 26.013
Rockwell Automation ControlLogix 5370 L1 26.012
Rockwell Automation ControlLogix 5370 L1 24.013
Rockwell Automation ControlLogix 5370 L1 24.011
Rockwell Automation ControlLogix 5370 L1 23.012
Rockwell Automation ControlLogix 5370 L1 23.011
Rockwell Automation ControlLogix 5370 L1 21.011
Rockwell Automation ControlLogix 5370 L1 20.019
Rockwell Automation ControlLogix 5370 L1 20.018
Rockwell Automation ControlLogix 5370 L1 20.014
Rockwell Automation ControlLogix 5370 L1 20.013
Rockwell Automation ControlLogix 5370 L1 20.012
Rockwell Automation ControlLogix 5370 L1 20.011

不受影响系统：

Rockwell Automation ControlLogix 5370 L3 31.011
Rockwell Automation ControlLogix 5370 L2 31.011
Rockwell Automation ControlLogix 5370 L1 31.011

描述：

---

BUGTRAQ  ID: 108118
CVE(CAN) ID: CVE-2019-10952

Rockwell Automation MicroLogix是一款可编程控制器平台。
Rockwell Automation MicroLogix存在一个漏洞。通过发送精心设计的HTTP/HTTPS请求，攻击者可以使Web服务器不可用和/或因堆缓冲区溢出导致远程代码执行。需要冷启动才能恢复CompactLogix 5370 L1、L2和L3 Controllers，Compact GuardLogix 5370 Controllers和Armor Compact GuardLogix 5370 Controllers （版本20至30.014，及更早版本的系统）。

<*来源：George Lashenko of CyberX
  
  链接：https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01
*>

建议：

---

厂商补丁：

Rockwell Automation
-------------------
CISA已经为此发布了一个安全公告（ICSA-19-120-01）以及相应补丁:
ICSA-19-120-01：Rockwell Automation CompactLogix 5370
链接：https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01

浏览次数：1774
严重程度：0（网友投票）