FANUC Alert
1806Warning Date
Severity Level
Warning Number
Target Sector
8 December, 2021
● High
2021-3989
All
Description:
FANUC has released a security alert to address several vulnerabilities in the following product:
- R-30iA, R-30iA; v7: v7.20, v7.30, v7.40, v7.43, v7.50, v.763, v7.70
- R-30iB, R-30iB Mate, R-30iB Compact; v8: v8.10, v8.13, v8.20, v8.23, v8.26, v8.30, v8.33, v8.36
- R-30iB Plus, R-30iB Mate Plus, R-30iB Compact Plus, R-30iB Mini Plus; v9: v9.10, v9.13, v9.16, v9.30, v9.36, v9.40
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Execute arbitrary code –remotely
- Denial of service attack (DoS)
Best practice and Recommendations:
The CERT team encourages users to apply best practice:
- Minimizing network exposure for all control system devices and/or systems
- Locating control system networks and devices behind firewalls and isolating them from the enterprise/business network
- When remote access is required, use secure methods such as virtual private networks (VPNs)
- Contact FANUC for further assistance