OTPulse
FeedAboutContact

Rockwell Third-party Local Code Execution Vulnerability in 440G TLS-Z

Monitor7SD1725Mar 24, 2025
Summary

A local code execution vulnerability exists in the third-party local code component used in the 440G TLS-Z device. An attacker with local access could execute arbitrary code with the privileges of the running process.

What this means
What could happen
An attacker with physical or local console access to the 440G TLS-Z could run arbitrary code on the device, potentially altering motor starter configurations, disabling safety interlocks, or disrupting electrical control operations.
Who's at risk
Water and electric utilities using Rockwell Automation 440G TLS-Z soft starters for motor control should evaluate this risk. These devices are commonly deployed in pump stations, compressor control, and industrial motor applications where unauthorized code execution could alter electrical control behavior.
How it could be exploited
An attacker must have local access to the device console or be able to execute commands on the device itself through a pre-established shell. Once local access is achieved, they can exploit the third-party local code vulnerability to run arbitrary code with the privileges of the running process.
Prerequisites
  • Local console access to the 440G TLS-Z device
  • Ability to interact with the third-party local code component directly
No patch availableLocal access required limits exposureAffects motor control equipment
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
Third-party Local CodeAll versionsNo fix (EOL)
Remediation & Mitigation
0/3
Schedule — requires maintenance window
0/2

Patching may require device reboot — plan for process interruption

HARDENINGRestrict physical and console access to the 440G TLS-Z device; implement access controls and security policies limiting who can approach or connect to the device
HARDENINGIsolate the 440G TLS-Z device on a protected segment of the control network; use network segmentation and firewalls to limit access from untrusted networks or users
Mitigations - no patch available
0/1
Third-party Local Code has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGMonitor for and log any local console or direct access attempts to the 440G TLS-Z; correlate with physical security logs to detect unauthorized activity
View full Rockwell Automation advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/7d6992a1-4e79-4bdc-bf0c-7c18dc5fb7a9
Rockwell Third-party Local Code Execution Vulnerability in 440G TLS-Z | CVSS 7 - OTPulse