Rewterz Threat Alert – Anubis Banking Trojan – Indicators of Compromise
April 4, 2019Rewterz Threat Advisory – CVE-2018-0466 – Rockwell Automation Stratix 5400/5410/5700/8000/8300 and ArmorStratix 5700
April 5, 2019Rewterz Threat Alert – Anubis Banking Trojan – Indicators of Compromise
April 4, 2019Rewterz Threat Advisory – CVE-2018-0466 – Rockwell Automation Stratix 5400/5410/5700/8000/8300 and ArmorStratix 5700
April 5, 2019Severity
High
Analysis Summary
CVE-2018-0472
Sending malformed IPsec packets to an affected device could allow an unauthenticated remote attacker to cause the device to reload. IPsec is disabled by default in the Allen-Bradley Stratix 5950 devices.
Impact
Device Reload
Affected Vendors
Rockwell Automation
Affected Products
Stratix 5950
Remediation
Vendor recommends that users not use any IPsec virtual private network (VPN) connections, including the following:
- LAN-to-LAN IPsec VPN
- Remote-access VPN using the IPsec VPN client
- Layer 2 tunneling protocol (L2TP)-over-IPsec VPN connections