Rockwell Automation has patched several critical and high severity vulnerabilities in its RSLinx Classic communications software.
RSLinx Classic is a widely used piece of software that allows organizations to connect Logix5000 programmable automation controllers to various Rockwell applications, including for data acquisition, programming, HMI interaction, and configuration apps. The product is used worldwide, mainly in the energy, critical manufacturing, and water and wastewater systems sectors.
According to advisories published recently by ICS-CERT and Rockwell Automation itself, researchers from Tenable and Nozomi discovered that RSLinx Classic is affected by three vulnerabilities that can allow malicious actors to launch denial-of-service (DoS) attacks, and possibly even execute arbitrary code.
