Security News > 2020 > February > Vulnerable Out of Band Consoles Put Industrial Assets at Risk

Vulnerable Out of Band Consoles Put Industrial Assets at Risk
2020-02-20 02:02

Vulnerable, improperly protected Out of Band consoles expose ships, drilling rigs, remote shore-based facilities, and even mobile vehicles to attackers, researchers from security firm Pen Test Partners warn.

What may cause an issue is keeping poorly protected OOB consoles exposed to the Internet, Pen Test Partners' Ken Munro says.

Numerous Uplogix 3200 devices - an OOB console that protects passwords poorly and which has reached end-of-life four years ago - can be found connected to the public Internet, which poses a great risk for their owners.

Normally, physical access to the device is required to recover credentials, but credentials are often re-used across sites and devices resold, not to mention that weak credentials render devices susceptible to brute force.

While keeping OOB consoles out of the Web and ensuring that strong credentials are used should mitigate risks, there are plenty of other issues that impact maritime security overall, Pen Test Partners' Nigel Hearne reveals.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/s7OnslV7E4c/vulnerable-out-band-consoles-put-industrial-assets-risk