Vulnerability found in SAGE RTU products if using ISaGRAF functionality. Fix to resolve vulnerability currently scheduled to release by August 2021. Mitigation instructions are as follows, note that if you are not using ISaGRAF functionality the default is to have all ports disabled and there is no vulnerability. Also, note that you will need to apply firmware C3414-500-S02K2 or later to apply this mitigation.
If you are using ISaGRAF RLL programs in the SAGE RTU, the ports will be open, and the firewall will be needed to block access to those ports. If the Firewall rules are employed, you can verify they are working by trying to connect to the RTU with the ISaGRAF development system. If the Firewall is implemented and working correctly, the ISaGRAF development system will fail to connect.
Firewall rules used to block access to TCP ports 1113 and 1131:
Discuss challenges in energy and automation with 30,000+ experts and peers.
Find answers in 10,000+ support articles to help solve your product and business challenges.
Find peer based solutions to your questions. Provide answers for fellow community members!