Rockwell Automation Comms 1783-NATR Multiple Broken Authentication Vulnerabilities
Vulnerability
Multiple broken authentication vulnerabilities have been identified in the Rockwell Automation Comms 1783-NATR product, specifically in versions through 1.006. These vulnerabilities arise from missing authentication checks on critical functions, potentially leading to a denial-of-service, admin account takeover, or unauthorized modifications of NAT rules. Such NAT rule changes could disrupt device communication or redirect it to incorrect endpoints. The admin account takeover risk allows for configuration changes, with physical access required to restore the system.
Impact
Exploitation of these vulnerabilities could cause a denial-of-service, allow unauthorized takeover of admin accounts, or lead to disruptive modifications of NAT rules, causing communication failures or misrouted data. The admin account takeover could enable unauthorized configuration changes, requiring physical access to the device for restoration.
Remediation
Users can upgrade to version 1.007 or later to address these vulnerabilities. For those unable to upgrade, Rockwell Automation recommends following their security best practices.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.