An out-of-bounds read in the Productivity Suite allows a physical
attacker to control the length of data sent to a USB device. This can
lead to a system crash or disclosure of kernel memory.
If the update cannot be applied right away, the following
compensating controls are recommended until the upgrade can be
performed.
- Disconnect the engineering workstation from external networks (e.g., the internet or corporate LAN) to reduce exposure.
- Use only trusted, dedicated internal networks or air-gapped systems for device communication.
- Restrict both physical and logical access to authorized personnel only.
- Configure whitelisting so that only trusted, pre-approved applications are allowed to run. Block any unauthorized software.
- Use antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.
- Enable and regularly review system logs to detect suspicious or unauthorized activity.
- Maintain secure, tested backups of the PLC and its configurations to minimize downtime in case of an incident.
- Continuously evaluate risks associated with running outdated firmware and adjust compensating measures accordingly.
AutomationDirect recommends that users update Productivity suite to
v4.7.0.47 and above
https://www.automationdirect.com/support/software-downloads