Rockwell Automation Stratix routers vulnerable to Cisco IOS XE vulnerability
Take action: Comb through all Rockwell 5200 and 5800 routers disable the WebUI/HTTP server on the internet facing interfaces and check for unknown user accounts. Then work with Rockwell to apply the patch ASAP.
Learn More
Rockwell Automation, is reporting vulnerable devices to the Cisco IOS XE software vulnerability. The vulnerability is already actively exploited since before 16th of October.
The vulnerability affects certain versions of Stratix products running Cisco IOS software:
- Stratix 5800 (with the Web UI feature enabled) - All versions
- Stratix 5200 (with the Web UI feature enabled) - All versions
The mitigating measures of the Cisco advisory are the same - disable the HTTP server on the devices, especially on the public facing interface.
As of 23rd of October Cisco has published a patch, so customers of Rockwell Automation should reach out to Rockwell for advice on updating.
