Industrial Cellular Routers at Risk: 11 New Vulnerabilities Expose OT Networks

2023-05-15 13:24

Several security vulnerabilities have been disclosed in cloud management platforms associated with three industrial cellular router vendors that could expose operational technology networks to external attacks.

The 11 vulnerabilities allow "Remote code execution and full control over hundreds of thousands of devices and OT networks - in some cases, even those not actively configured to use the cloud."

Successful exploitation of the vulnerabilities could pose severe risks to industrial environments, allowing adversaries to sidestep security layers as well as exfiltrate sensitive information and achieve code execution remotely on the internal networks.

"An attacker successfully exploiting these industrial routers and IoT devices can cause a number of impacts on compromised devices and networks, including monitoring network traffic and stealing sensitive data, hijacking internet connections and accessing internal services," the companies said.

OTORIO said cloud-managed devices pose a "Huge" supply-chain risk and that a single vendor compromise can act as a backdoor for accessing several OT networks in one sweep.

The development comes a little more than three months after the cybersecurity company disclosed 38 security flaws in the wireless industrial Internet of Things devices that could provide attackers a direct path to internal OT networks and put critical infrastructure at risk.

News URL

https://thehackernews.com/2023/05/industrial-cellular-routers-at-risk-11.html

#OT #router #vulnerabilities