Security News > 2020 > August > IBM finds vulnerability in IoT chips present in billions of devices

IBM finds vulnerability in IoT chips present in billions of devices
2020-08-19 15:56

A security flaw in a series of IoT connectivity chips could leave billions of industrial, commercial, and medical devices open to attackers.

EHS8 modules are built for industrial IoT machines that operate in factories, the energy sector, and medical roles, and are designed to create secure communication channels over 3G and 4G networks.

Luckily, Thales has been working with IBM since it discovered the vulnerability in September 2019, and has released a security patch for affected devices, which includes Thales' BGS5, EHS5/6/8, PDS5/6/8, ELS61, ELS81, and PLS62 modules as well.

As IBM notes, the role that machines with EHS8 modules fill makes this a critical security flaw.

The vulnerability stems from the embedded Java environment, which allows the installation of Java midlets for customization of the module.


News URL

https://www.techrepublic.com/article/ibm-finds-vulnerability-in-iot-chips-present-in-billions-of-devices/#ftag=RSS56d97e7

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
IBM 736 216 2774 1264 248 4502