ABB has reported AC500 V2 product part of vulnerability.
The vulnerability allows attackers to stop the PLC by sending a single unauthenticated crafted packetover the network.
After stopping (ERR LED flashing red), physical access to the PLC is required in orderto restart the application.
ABB has developed a new firmware version 2.8.5 fixing this vulnerability.
This firmware version is re-leased for the following affected PLC types:
- PM573-ETH
- PM583-ETH
When using one of these PLC types, ABB strongly recommends updating to firmware version 2.8.5.
Untilthe correction is available for the remaining PLC types, ABB strongly recommends that the affectedproducts should not be used on a public network.
“The vulnerability allows attackers to stop the PLC by sending a single unauthenticated crafted packetover the network. After stopping (ERR LED flashing red), physical access to the PLC is required in orderto restart the application”, says ABB.
More information you can find on this link.