Vulnerabilities open Korenix JetWave industrial networking devices to attack

2023-02-13 14:24

Three vulnerabilities found in a variety of Korenix JetWave industrial access points and LTE cellular gateways may allow attackers to either disrupt their operation or to use them as a foothold for further attacks, CyberDanube researchers have found.

"If such a device is acting as key device in an industrial network, or controls various critical equipment via serial ports, more extensive damage in the corresponding network can be done by an attacker," the researchers noted.

All three vulnerabilities require attackers to authenticate before launching an exploit.

A denial of web service attack can be temporarily solved by rebooting the targeted device, but attackers could inject commands that could lead to indefinite compromise.

The researchers discovered the vulnerabilities by creating a digital twin of the firmware running on the first two industrial devices on that list, and Beijer Electronics confirmed the other JetWave devices are also vulnerable.

The company advises customers to upgrade affected devices to the latest firmware version available.

News URL

https://www.helpnetsecurity.com/2023/02/13/korenix-jetwave-industrial-vulnerabilities/

#attack #vulnerabilities

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Korenix		95	0	2	5	6	13

News URL

Related news

Related vendor