THE advisory from CISA (ICSA-26-167-03) addresses a vulnerability affecting Rockwell Automation Logix 5370 and 5570 Controllers that could lead to a denial-of-service (DoS) condition, resulting in a major nonrecoverable fault (MNRF). Versions impacted include CompactLogix 5370 <=34.016, Compact GuardLogix 5370 <=35.015, ControlLogix 5570 <=35.015, and GuardLogix 5570 36.012. The CVSS base score is 7.5 (high severity).
Remediation includes updating to fixed product versions, and users are advised to take defensive network measures to mitigate risks. CISA recommends organizations perform proper impact analysis before implementing defensive measures and report any suspicious activity.