Security News > 2022 > June > Researchers disclose 56 vulnerabilities impacting thousands of OT devices

Researchers disclose 56 vulnerabilities impacting thousands of OT devices
2022-06-21 04:30

Forescout's Vedere Labs disclosed OT:ICEFALL, 56 vulnerabilities affecting devices from 10 operational technology vendors.

This is one of the single largest vulnerability disclosures that impact OT devices and directly addresses insecure-by-design vulnerabilities.

Remote code execution: Allows an attacker to execute arbitrary code on the impacted device, but the code may be executed in different specialized processors and different contexts within a processor, so an RCE does not always mean full control of a device.

Denial of service: Allows an attacker to either take a device completely offline or to prevent access to some function.

Compromise of credentials: Allows an attacker to obtain credentials to device functions, usually either because they are stored or transmitted insecurely.

Authentication bypass: Allows an attacker to bypass existing authentication functions and invoke desired functionality on the target device.


News URL

https://www.helpnetsecurity.com/2022/06/21/vulnerabilities-ot-devices-icefall/