Rockwell Automation - Denial-of-service and Input Validation Vulnerabilities in PowerFlex® 527
A denial-of-service vulnerability exists in the Rockwell Automation PowerFlex® 527 due to improper traffic throttling in the device. If multiple data packets are sent to the device repeatedly, the device will crash and require a manual restart to recover.
There is currently no fix for this vulnerability. Users of the affected software are encouraged to apply the following risk mitigations and security best practices, where possible.
* Implement network segmentation to ensure the device is on an isolated network.
* Disable the web server if it is not needed (see the PowerFlex 527 user manual: https://literature.rockwellautomation.com/idc/groups/literature/documents/um/520-um002_-en-e.pdf). The web server is disabled by default. The option to disable this feature is available in v2.001.x and later.
* Security Best Practices https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight