Summary of security related changes for June 2021.
Security Enhancement Summary:
No security enhancements in firmware release(s).
Security Fix Summary:
Vulnerability found if using ISaGRAF functionality. Fix to resolve vulnerability currently scheduled to release by August 2021. Mitigation instructions are as follows, note that if you are not using ISaGRAF functionality the default is to have all ports disabled and there is no vulnerability.
If you are using ISaGRAF RLL programs in the SAGE RTU, the ports will be open, and the firewall will be needed to block access to those ports. If the Firewall rules are employed, you can verify they are working by trying to connect to the RTU with the ISaGRAF development system. If the Firewall is implemented and working correctly, the ISaGRAF development system will fail to connect.
Firewall rules used to block access to TCP ports 1113 and 1131: