David Heath
Thursday, 28 January 2010 12:01
Multiple vulnerabilities exist in Allen Bradley Micrologix 1100 and 1400 PLCs.
According to C4 Security (the discoverers of the problem) an attacker might use these vulnerabilities to:
* Halt the system's operation (Denial of Service)
* Gain unauthorized access with high privileges to the system
* Leverage these vulnerabilities to attempt to find additional vulnerabilities in the server to carry out "field to field" attack vectors
C4 have advised that they will only detail the vulnerabilities to "verified utility personnel and governmental agencies." One can only assume that commercial users of these devices must seek assurance from Allen Bradley themselves; however, a perusal of Allen Bradley's website and discussion forums did not reveal any reference to this specific issue.
Inferring from the statements provided by C4, the issue appears to lie with the Ethernet-based control network upon which these devices reside, as C4 specifically recommends: "Consult with Rockwell Automation or a SCADA security company on how to mitigate the found vulnerabilities by restricting access to the control network."
Interestingly, almost ANY security-conscious organisation would want to be very sure that the control network of any factory, mine-site, public utility or food manufacturing facility was properly secured. Clearly this would be the best defence against such an attack, but in this increasingly connected world, maintaining such a disconnection is becoming very difficult.
Allen Bradley has been contacted for comment; an update will be provided upon their response.