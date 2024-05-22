Rockwell Automation has issued an urgent security notice, advising customers to ensure that their industrial control systems (ICS) are not connected to the internet to protect against cyber threats. This follows a Shodan search revealing over 7,000 internet-exposed devices, including many Allen-Bradley programmable logic controllers (PLCs). The company stressed the importance of disconnecting devices not designed for public connectivity to reduce the risk of cyber attacks amid rising geopolitical tensions. The advisory includes links to best practices and highlights several vulnerabilities (e.g., CVE-2021-22681, CVE-2022-1159, CVE-2023-3595, CVE-2023-3596, CVE-2023-46290, CVE-2024-21914, CVE-2024-21915, CVE-2024-21917) that could allow hackers to perform various malicious activities. Although there are no confirmed attacks exploiting these vulnerabilities, there are indications of attempts by APT groups. The US Cybersecurity and Infrastructure Security Agency (CISA) has also issued an alert to amplify Rockwell’s notice.

