Critical RCE Bug in Rockwell Automation PLCs Zaps Industrial Sites

Rockwell Automation and CISA warn of security vulnerabilities that affect power plants, factories, and other critical infrastructure sites.

Two vulnerabilities in industrial programmable logic controllers (PLCs) from
Rockwell Automation
threaten critical infrastructure and industrial environments with disruption.
Both of these vulnerabilities are located in the communication modules of the PLCs that are used to physically control operational technology equipment, and are capable of being triggered through malicious common industrial protocol (CIP) messages.
The first is a critical bug, CVE-2023-3595 (CVSS score of 9.8 out of 10), that allows for threat actors to utilize firmware memory, carry out remote code execution (RCE) with persistence, and modify, deny, or even withdraw data that flows through the PLC, thus affecting equipment performance. The second, CVE-2023-3596 (CVSS 7.5), can be used to trigger a denial-of-service (DoS) condition that would render the device inoperable.
Its also possible for cyberattackers to plant themselves inside a PLC and lurk undetected until they choose to carry out an attack. In both cases, there exists the potential to corrupt the information used for incident response and recovery,
said experts at Dragos
. The attacker could potentially overwrite any part of the system to hide themselves and stay persistent, or the interfaces used to collect incident response or forensics information could be intercepted by malware to avoid detection.
The now-vulnerable communications modules are used by various organizations in different industries, including energy and transportation — and organizations should apply patches as soon as possible. Rockwell has provided patches for all products that have been affected, even hardware that has been out of support.
Users can find a list of the products that have been affected in
CISA
and
Rockwell Automation
advisories, along with advice for mitigation and detection.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Critical RCE Bug in Rockwell Automation PLCs Zaps Industrial Sites