OTPulse
FeedAboutContact

Rockwell Automation 440G TLS-Z

Monitor7ICS-CERT ICSA-25-084-03Mar 25, 2025
Attack VectorLocal
Auth RequiredLow
ComplexityHigh
User InteractionNone needed
Summary

The 440G TLS-Z contains a vulnerability that could allow an attacker with physical access and low-level privileges to take complete control of the device through privilege escalation. This vulnerability cannot be exploited remotely and requires high attack complexity. Version 6.001 is affected with no patch available from the vendor.

What this means
What could happen
An attacker with physical access to the 440G TLS-Z and low-level privileges could take complete control of the device, potentially altering setpoints, disabling safety functions, or stopping operations in critical control systems.
Who's at risk
Organizations operating Rockwell Automation 440G TLS-Z variable frequency drives or other 440G systems in manufacturing, water treatment, power distribution, or other critical infrastructure where process control is essential. Anyone with access to physical control panels or device interfaces should be aware of this risk.
How it could be exploited
An attacker must have physical access to the device and low-level user credentials or permissions. The vulnerability requires local interaction to exploit; it cannot be triggered remotely. Once the prerequisites are met, the attacker can escalate privileges and assume full control of the device.
Prerequisites
  • Physical access to the 440G TLS-Z device
  • Local user-level credentials or ability to interact with the local interface
  • Knowledge of the specific exploitation technique (high attack complexity)
No patch availableRequires physical access (reduces exposure)Low privilege escalation requiredHigh attack complexity (reduces exploitability)
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
440G TLS-Z: v6.001v6.001No fix (EOL)
Remediation & Mitigation
0/2
Do now
0/1
HARDENINGRestrict physical access to the 440G TLS-Z and other control system devices to authorized personnel only. Implement access controls on control rooms, cells/areas, and control panels.
Mitigations - no patch available
0/1
440G TLS-Z: v6.001 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGImplement security best practices for industrial automation control systems, including defense-in-depth strategies and network segmentation where feasible.
View full CISA ICS-CERT advisory
โ†‘โ†“ Navigate ยท Esc Close
API: /api/v1/advisories/9f4dcddc-db36-4a4c-bc15-8ce7d5c84dda
Rockwell Automation 440G TLS-Z | CVSS 7 - OTPulse