Numerous security vulnerabilities have been disclosed in the cloud management platforms associated with three industrial cellular router vendors that could expose operational technology (OT) networks to external attacks.
The findings were presented by Israeli industrial cybersecurity firm OTORIO at the Black Hat Asia 2023 conference last week.
The 11 vulnerabilities make it possible for "remote code execution and full control over hundreds of thousands of devices and OT networks – in some cases, even those not actively configured to use the cloud."
Specifically, the shortcomings reside in the cloud-based management solutions offered by Sierra Wireless, Teltonika Networks, and InHand Networks to remotely manage and operate devices.
Successful exploitation of the vulnerabilities could pose severe risks to industrial environments, allowing adversaries to bypass security layers, exfiltrate sensitive information, and achieve remote code execution on the internal networks.
Worse, the issues could be weaponized to obtain unauthorized access to devices in the network and perform malicious operations, such as shutdown, with elevated permissions.
This, in turn, is made possible by three different attack vectors that could be exploited to compromise and take over cloud-managed IIoT devices through their cloud-based management platforms:
- Weak asset registration mechanisms (Sierra Wireless): An attacker could scan for unregistered devices that are connected to the cloud, obtain their serial numbers by taking advantage of the AirVantage online Warranty Checker tool, register them to an account under their control, and execute arbitrary commands.
- Flaws in security configurations (InHand Networks): An unauthorized user could leverage CVE-2023-22601, CVE-2023-22600, and CVE-2023-22598, a command injection flaw, to gain remote code execution with root privileges, issue reboot commands, and push firmware updates.
- External API and interfaces (Teltonika Networks): A threat actor could abuse several issues identified in the remote management system (RMS) to "expose sensitive device information and device credentials, enable remote code execution, expose connected devices managed on the network, and allow impersonation of legitimate devices."
The six flaws impacting Teltonika Networks – CVE-2023-32346, CVE-2023-32347, CVE-2023-32348, CVE-2023-2586, CVE-2023-2587, and CVE-2023-2588 – were discovered following "comprehensive research" carried out in collaboration with Claroty.
"An attacker successfully exploiting these industrial routers and IoT devices can cause a number of impacts on compromised devices and networks, including monitoring network traffic and stealing sensitive data, hijacking internet connections and accessing internal services," the companies said.
OTORIO said cloud-managed devices pose a "substantial" supply-chain risk and that a single vendor compromise can act as a backdoor for accessing multiple OT networks in one sweep.
The development comes a little over three months after the cybersecurity company disclosed 38 security flaws in wireless industrial Internet of Things (IIoT) devices that could offer attackers a direct path to internal OT networks and put critical infrastructure at risk.
"As the deployment of IIoT devices becomes more popular, it's important to be aware that their cloud management platforms may be targeted by threat actors," security researcher Roni Gavrilov said. "A single IIoT vendor platform being exploited could act as a 'pivot point' for attackers, accessing thousands of environments at once."
Some parts of this article are sourced from:
thehackernews.com