Security News > 2022 > May > Talos names eight deadly sins in widely used industrial software

A researcher at Cisco's Talos threat intelligence team found eight vulnerabilities in the Open Automation Software platform that, if exploited, could enable a bad actor to access a device and run code on a targeted system.

The OAS platform is widely used by a range of industrial enterprises, essentially facilitating the transfer of data within an IT environment between hardware and software and playing a central role in organizations' industrial Internet of Things efforts.

These security gaps have become such a concern that the US Cybersecurity and Infrastructure Agency and other government offices have warned industrial and critical infrastructure companies about the growing threat, particularly in the wake of Russia's unprovoked invasion of neighboring Ukraine in February.

This would let the attacker to perform such tasks as reading the existing usernames, configuration and groups, create a new security group and user with broad permissions and change ports used by various OAS services.

In an email to The Register, Chris Clements, vice president of solutions architecture for cybersecurity firm Cerberus Sentinel, said that flaws affecting industrial control devices "Are among the scariest cybersecurity threats today. An attacker with the ability to disrupt or alter the function of those devices can inflict catastrophic damage on critical infrastructure facilities, but an attack can also be something that may not be immediately obvious."

Private sector companies also are moving to strengthen security around such systems, including creating the Operational Technology Cybersecurity Coalition, which includes a mix of corporations like Honeywell and Coca-Cola and cybersecurity vendors, such as Fortinet and Check Point.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/05/27/talos-aos-vulnerabilities/