{"id":45977,"date":"2022-03-31T22:25:17","date_gmt":"2022-03-31T22:25:17","guid":{"rendered":"https:\/\/www.darkreading.com\/vulnerabilities-threats\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks"},"modified":"2022-03-31T22:25:17","modified_gmt":"2022-03-31T22:25:17","slug":"vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/","title":{"rendered":"Vulnerabilities in Rockwell Automation PLCs Could Enable Stuxnet-Like Attacks"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt5f7b065aa1b095cf\/62461e423d0a1a297f392090\/rockwell_1st_footage_shutterstock.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>A security vendor&#8217;s recent analysis of Rockwell Automation&#8217;s programmable logic controller (PLC) platform has uncovered two serious vulnerabilities that give attackers a way to modify automation processes and potentially disrupt industrial operations, cause physical damage to factories, or take other malicious actions.<\/p>\n<p>Researchers from Claroty Team82 discovered the vulnerabilities and this week described them as being Stuxnet-like in nature because of how they allow attackers to run malicious code on a PLC without triggering any obviously unusual behavior.<\/p>\n<p>Rockwell Automation simultaneously published advisories on the two flaws for its customers. The advisories are accessible <a href=\"https:\/\/idp.rockwellautomation.com\/adfs\/ls\/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F1134276\" target=\"_blank\" rel=\"noopener\">here<\/a> and <a href=\"https:\/\/idp.rockwellautomation.com\/adfs\/ls\/idpinitiatedsignon.aspx?RelayState=RPID%3Drockwellautomation.custhelp.com%26RelayState%3Danswers%2Fanswer_view%2Fa_id%2F1134329\" target=\"_blank\" rel=\"noopener\">here<\/a>, to those who have an account.<\/p>\n<p>The vulnerabilities prompted <a href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/current-activity\/2022\/03\/31\/cisa-releases-security-advisories-rockwell-automation-products\" target=\"_blank\" rel=\"noopener\">an alert<\/a> from the US Cybersecurity and Infrastructure Security Agency (CISA) Thursday that points organizations using the affected components to mitigation measures and a detection method for addressing the threat. The agency says the vulnerabilities impact critical infrastructure sector organizations around the world. It identifies the vulnerabilities as involving low attack complexity and one of them as being remotely exploitable.<\/p>\n<p><strong>Remotely Exploitable Vulnerability<\/strong><br \/>The remotely exploitable vulnerability (CVE-2022-1161) has a maximum severity rating of 10 and is present in PLC firmware running on Rockwell&#8217;s ControlLogix, CompactLogix, and GuardLogix lines of control systems.<\/p>\n<p>These are the leading lines of PLCs in Rockwell&#8217;s catalog, says Amir Preminger, vice president of research at Claroty. &#8220;These devices are common in almost all verticals including automotive, food &amp; beverage, and oil &amp; gas,&#8221; Preminger says. &#8220;The only industry that we can think of where we wouldn&#8217;t expect to see them is power transmission and distribution.&#8221;<\/p>\n<p>Preminger says the vulnerability is tied to the fact the PLC stores the executable file \u2014 or bytecode \u2014 and the source code (aka textual code) in separate locations on the PLC. This gives attackers a way to modify the bytecode without changing the source code.<\/p>\n<p>&#8220;The PLC doesn&#8217;t require the two to be compatible,&#8221; Preminger says. &#8220;When an engineer connects to a PLC, they would see the same textual code running, while the bytecode that was altered results in malicious code running without any indication of change.&#8221; <a href=\"https:\/\/claroty.com\/2022\/03\/31\/blog-research-hiding-code-on-rockwell-automation-plcs\/\" target=\"_blank\" rel=\"noopener\">Claroty identified<\/a> 17 Rockwell PLC models as being affected.<\/p>\n<p>CISA&#8217;s alert said the issue stemmed from a failure to control inclusion of functionality from an untrusted sphere. Its recommendations for addressing the problem are <a href=\"https:\/\/www.cisa.gov\/uscert\/ics\/advisories\/icsa-22-090-05\" target=\"_blank\" rel=\"noopener\">available here<\/a>.<\/p>\n<p><strong>Code Injection Vulnerability<\/strong><br \/>The second vulnerability (CVE-2022-1159) is present in Rockwell&#8217;s Studio 5000 Logix Designer, the software that engineers use to program its PLCs. The software allows engineers to develop, compile, and transfer newly developed logic to the company&#8217;s line of programmable logic controllers.<\/p>\n<p>It&#8217;s common for engineers in operational technology environments to make upgrades to the complex logic in PLCs to improve, tweak, or modify whatever process the PLC is controlling, Preminger says. The vulnerability in Studio 5000 Logix Designer allows an attacker that already has administrative access on the workstation running the software to hijack the compilation process and inject malicious code, which they can then execute on the PLC without triggering any alert.<\/p>\n<p>&#8220;CVE-2022-1159 enables an attacker to alter code as it is being compiled without the user&#8217;s knowledge,&#8221; Preminger says. &#8220;This could result in alteration of the logic that the engineer thought they were transferring to the PLC.&#8221;<\/p>\n<p>The vulnerability has been assigned a severity rating of 7.7 out of 10, which makes it high priority but not necessarily a critical vulnerability. CISA&#8217;s <a href=\"https:\/\/www.cisa.gov\/uscert\/ics\/advisories\/icsa-22-090-07\" target=\"_blank\" rel=\"noopener\">advisory<\/a> for the flaw called it a code injection issue.<\/p>\n<p><strong>Potential for Stuxnet-Like Attacks?<\/strong><br \/>Both vulnerabilities exist in different Rockwell Automation components. But they enable attackers to essentially do the same thing: to change the logic flow in a PLC to trigger new commands being set to the physical devices that are being controlled by the system. As an example, Claroty researchers said they changed certain tags \u2014 or automation processes variables \u2014 to different values, which in a real-life situation could have resulted in things like engine speeds being manipulated to cause significant damage to an automation process.<\/p>\n<p>&#8220;This is a Stuxnet-type of attack because Stuxnet was the first reported attack that concealed executed bytecode on a PLC while letting engineers believe that normal code was executed,&#8221; Preminger says. &#8220;Stuxnet altered all the visual indications that something else was running which, in Stuxnet&#8217;s case, resulted in centrifuges spinning faster than what was intended and causing an unexpected result.&#8221;<\/p>\n<p>Concerns over ICS security are by no means new. But they have been heightening in recent years. A <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/industrial-systems-see-more-vulnerabilities-greater-threat\" target=\"_blank\" rel=\"noopener\">recent study<\/a> from Claroty found a 52% increase in reported ICS vulnerabilities in 2021 compared to 2020. That&#8217;s significantly higher growth compared to the 25% increase in disclosed ICS vulnerabilities between 2019 and 2020. Of the 82 vendors whose ICS products contained vulnerabilities last year, 21 had not previously reported any flaws, meaning researchers have begun more broadly hunting for ICS bugs.<\/p>\n<p>A <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/security-researchers-reveal-staggering-magnitude-of-ics-vulnerabilities-in-2021\" target=\"_blank\" rel=\"noopener\">previous report<\/a> that Claroty released last year showed that 90% of the disclosed vulnerabilities in the first six months of 2021 had low attack complexity and 71% had severity ratings of &#8216;high&#8217; or &#8216;critical&#8217;. More than six in 10 (61%) were remotely executable, and 74% did not require any privileges to execute.<\/p>\n<p>Attacks like the one on Colonial Pipeline and reports like the one the FBI recently issued about the operators of the infamous Triton malware <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/triton-malware-still-targeting-energy-firms\" target=\"_blank\" rel=\"noopener\">continuing to attack<\/a> energy sector organizations \u2014 in the same way they did at a Saudi Arabian energy firm in 2017 \u2014 have significantly exacerbated those concerns. Such concerns have contributed to significant new <a href=\"https:\/\/www.darkreading.com\/remote-workforce\/biden-requests-nearly-11b-for-federal-cybersecurity-spending\" target=\"_blank\" rel=\"noopener\">investments<\/a> and <a href=\"https:\/\/www.darkreading.com\/operations\/software-incident-response-among-big-focus-areas-in-bidens-cybersecurity-executive-order-\/d\/d-id\/1341014\" target=\"_blank\" rel=\"noopener\">initiatives<\/a> around cybersecurity from the US government over the past year.<\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA urges organizations using affected technologies to implement recommended mitigation measures.Read More <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-45977","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Vulnerabilities in Rockwell Automation PLCs Could Enable Stuxnet-Like Attacks 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilities in Rockwell Automation PLCs Could Enable Stuxnet-Like Attacks 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-03-31T22:25:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt5f7b065aa1b095cf\/62461e423d0a1a297f392090\/rockwell_1st_footage_shutterstock.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Vulnerabilities in Rockwell Automation PLCs Could Enable Stuxnet-Like Attacks\",\"datePublished\":\"2022-03-31T22:25:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\\\/\"},\"wordCount\":922,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt5f7b065aa1b095cf\\\/62461e423d0a1a297f392090\\\/rockwell_1st_footage_shutterstock.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\\\/\",\"name\":\"Vulnerabilities in Rockwell Automation PLCs Could Enable Stuxnet-Like Attacks 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt5f7b065aa1b095cf\\\/62461e423d0a1a297f392090\\\/rockwell_1st_footage_shutterstock.jpg\",\"datePublished\":\"2022-03-31T22:25:17+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt5f7b065aa1b095cf\\\/62461e423d0a1a297f392090\\\/rockwell_1st_footage_shutterstock.jpg\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt5f7b065aa1b095cf\\\/62461e423d0a1a297f392090\\\/rockwell_1st_footage_shutterstock.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilities in Rockwell Automation PLCs Could Enable Stuxnet-Like Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerabilities in Rockwell Automation PLCs Could Enable Stuxnet-Like Attacks 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilities in Rockwell Automation PLCs Could Enable Stuxnet-Like Attacks 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-03-31T22:25:17+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt5f7b065aa1b095cf\/62461e423d0a1a297f392090\/rockwell_1st_footage_shutterstock.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Vulnerabilities in Rockwell Automation PLCs Could Enable Stuxnet-Like Attacks","datePublished":"2022-03-31T22:25:17+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/"},"wordCount":922,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt5f7b065aa1b095cf\/62461e423d0a1a297f392090\/rockwell_1st_footage_shutterstock.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/","url":"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/","name":"Vulnerabilities in Rockwell Automation PLCs Could Enable Stuxnet-Like Attacks 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt5f7b065aa1b095cf\/62461e423d0a1a297f392090\/rockwell_1st_footage_shutterstock.jpg","datePublished":"2022-03-31T22:25:17+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt5f7b065aa1b095cf\/62461e423d0a1a297f392090\/rockwell_1st_footage_shutterstock.jpg","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt5f7b065aa1b095cf\/62461e423d0a1a297f392090\/rockwell_1st_footage_shutterstock.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/vulnerabilities-in-rockwell-automation-plcs-could-enable-stuxnet-like-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilities in Rockwell Automation PLCs Could Enable Stuxnet-Like Attacks"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45977","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=45977"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45977\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=45977"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=45977"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=45977"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}