Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Industrial Wi-Fi networks found to have serious security flaws

A bus with a WiFi sign on the back.

  • Three Advantech access points carried 20 vulnerabilities due to shared firmware
  • Six of the flaws are critical, with a severity score of 9.8
  • They allow for remote code execution, denial of service, and more

Multiple Advantech access points have been found carrying almost two dozen vulnerabilities, some of which even enabled remote code execution (RCE) with root privileges, experts have warned.

A report from cybersecurity researchers at Nozomi Networks, who noted EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO access points had 20 vulnerabilities, due to shared firmware. Of those 20, six were deemed critical, with a severity score of 9.8.

The affected devices provide dual-band Wi-Fi connectivity for industrial applications, such as EV manufacturing, or automated protection lines. They ensure real-time communication for thingslike rail-guided vehicles (RGVs), and as such play a major role in an industrial setting.

Severe impact

The report outlines two ways crooks could exploit these flaws: either through LAN/WAN, or over-the-air. With the former, attackers can send malicious requests to the device, given they have network access. With the latter, however, they only need to be close enough to leverage weaknesses in wireless protocols.

The impact can be quite severe, Nozomi further explained. Attackers could abuse the flaws to install backdoors and thus enable continuous access; they could cripple automation processes with denial-of-service (DoS) attacks; and they could use the access points for lateral movement throughout the target infrastructure, potentially deploying more malware or even ransomware.

"These vulnerabilities pose significant risks, allowing unauthenticated remote code execution with root privileges, thereby fully compromising the confidentiality, integrity, and availability of the affected devices," the researchers commented.

The flaws have since been fixed. For EKI-6333AC-2G and EKI-6333AC-2GD, make sure to patch to version 1.6.5, and for EKI-6333AC-1GPO, 1.2.2. Furthermore, researchers recommend users continuously monitor the devices and proactively manage any potential vulnerabilities, to safeguard their industrial IT infrastructure.

The full list of all the flaws, their CVEs, severity scores, and impact on vulnerable devices, can be found on this link.

Via The Hacker News

You might also like

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.