Technology

Industrial Wi-Fi networks found to have serious security flaws

November 29, 2024

Three Advantech access points carried 20 vulnerabilities due to shared firmware
Six of the flaws are critical, with a severity score of 9.8
They allow for remote code execution, denial of service, and more

Multiple Advantech access points have been found carrying almost two dozen vulnerabilities, some of which even enabled remote code execution (RCE) with root privileges, experts have warned.

A report from cybersecurity researchers at Nozomi Networks, who noted EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO access points had 20 vulnerabilities, due to shared firmware. Of those 20, six were deemed critical, with a severity score of 9.8.

The affected devices provide dual-band Wi-Fi connectivity for industrial applications, such as EV manufacturing, or automated protection lines. They ensure real-time communication for thingslike rail-guided vehicles (RGVs), and as such play a major role in an industrial setting.

Severe impact

The report outlines two ways crooks could exploit these flaws: either through LAN/WAN, or over-the-air. With the former, attackers can send malicious requests to the device, given they have network access. With the latter, however, they only need to be close enough to leverage weaknesses in wireless protocols.

The impact can be quite severe, Nozomi further explained. Attackers could abuse the flaws to install backdoors and thus enable continuous access; they could cripple automation processes with denial-of-service (DoS) attacks; and they could use the access points for lateral movement throughout the target infrastructure, potentially deploying more malware or even ransomware.

“These vulnerabilities pose significant risks, allowing unauthenticated remote code execution with root privileges, thereby fully compromising the confidentiality, integrity, and availability of the affected devices,” the researchers commented.

The flaws have since been fixed. For EKI-6333AC-2G and EKI-6333AC-2GD, make sure to patch to version 1.6.5, and for EKI-6333AC-1GPO, 1.2.2. Furthermore, researchers recommend users continuously monitor the devices and proactively manage any potential vulnerabilities, to safeguard their industrial IT infrastructure.

The full list of all the flaws, their CVEs, severity scores, and impact on vulnerable devices, can be found on this link.

Via The Hacker News

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

LEAVE A REPLY Cancel reply

EDITOR PICKS

POPULAR POSTS

QUICK LINKS

ABOUT US

FOLLOW US

Cookie bar