Validation of ICS Vulnerability Related to TCP/IP Protocol Implementation in Allen-Bradley Compact Logix PLC Controller

Abstract

Industrial Control Systems (ICS) research and testing process was implemented to validate the existence of a well known security vulnerability in a Rockwell Automation Allen-Bradley Compact Logix PLC controller. The study was conducted considering a public advisory from the manufacturer, which includes a large list of families of affected products by the vulnerability. The established hypothesis of the study considered the existence of the vulnerability in a specific available PLC model, included by Rockwell Automation manufacturer in the list of affected products. An exploit was developed and multiple testing was performed to trigger the vulnerability. Testing methodology and results indicates there is sufficient evidence to establish that Rockwell Automation Allen-Bradley Compact Logix 5370 L2 controllers, are not affected by the same type of Improper Input Validation vulnerability, than the Compact Logix 5370 L3 controllers, as it was stated by the manufacturer in a public advisory.