Multiple critical vulnerabilities have been identified in AutomationDirect Productivity PLCs, affecting various models and firmware versions. The vulnerabilities include buffer overflows, improper access control, and insufficient data verification, potentially leading to remote code execution and denial-of-service attacks. The affected PLCs include models from the Productivity 1000, 2000, and 3000 series, with firmware versions as detailed in the advisory.
AutomationDirect recommends that users update their Productivity Suite programming software to version 4.2.0.x or higher and the PLC firmware to the latest version. Additional mitigation strategies include physically disconnecting PLCs from external networks, implementing network segmentation, and using firewalls or NAC policies to block unauthorized traffic. CISA emphasizes minimizing network exposure, using secure remote access methods like updated VPNs, and performing thorough network security analyses to protect these systems.
Organizations should adhere to these guidelines to safeguard their industrial control systems from exploitation. For detailed instructions and further assistance, users are encouraged to contact AutomationDirect Technical Support and consult CISA’s cybersecurity best practices.