- Three Advantech access points carried 20 vulnerabilities due to shared firmware
- Six of the flaws are critical, with a severity score of 9.8
- They allow for remote code execution, denial of service, and more
Multiple Advantech access points have been found carrying almost two dozen vulnerabilities, some of which even enabled remote code execution (RCE) with root privileges, experts have warned.
A report from cybersecurity researchers at Nozomi Networks noted that the EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO access points had 20 vulnerabilities, owing to shared firmware. Of those 20, six were deemed critical, with a severity score of 9.8.
The affected devices provide dual-band Wi-Fi connectivity for industrial applications, such as EV manufacturing or automated production lines. They ensure real-time communication for things like rail-guided vehicles (RGVs), and as such play a major role in an industrial setting.
Severe impact
The report outlines two ways crooks could exploit these flaws: either through LAN/WAN, or over-the-air. With the former, attackers can send malicious requests to the device, provided they have network access. With the latter, however, they only need to be close enough to leverage weaknesses in wireless protocols.
The impact can be quite severe, Nozomi further explained. Attackers could abuse the flaws to install backdoors and thus enable continuous access; they could cripple automation processes with denial-of-service (DoS) attacks; and they could use the access points for lateral movement throughout the target infrastructure, potentially deploying more malware or even ransomware.
“These vulnerabilities pose significant risks, allowing unauthenticated remote code execution with root privileges, thereby fully compromising the confidentiality, integrity, and availability of the affected devices,” the researchers commented.
The flaws have since been fixed. For EKI-6333AC-2G and EKI-6333AC-2GD, make sure to patch to version 1.6.5, and for EKI-6333AC-1GPO, 1.2.2. Furthermore, researchers recommend users continuously monitor the devices and proactively manage any potential vulnerabilities, to safeguard their industrial IT infrastructure.
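As a starting point for the monitoring the researchers recommend, here is an added example (not from the report or from Advantech) that checks a device inventory against the fixed firmware versions named above; the comma-separated inventory format and the hostnames are constructed assumptions.

```python
"""Flag Advantech EKI access points whose firmware is older than the fixed
versions from the Nozomi report (1.6.5 for -2G/-2GD, 1.2.2 for -1GPO)."""

# Minimum firmware version that contains the fixes, per model (from the report).
FIXED_VERSIONS = {
    "EKI-6333AC-2G": "1.6.5",
    "EKI-6333AC-2GD": "1.6.5",
    "EKI-6333AC-1GPO": "1.2.2",
}

# Constructed sample inventory (assumed format): "hostname,model,firmware".
SAMPLE_INVENTORY = """\
ap-line1,EKI-6333AC-2G,1.6.5
ap-line2,EKI-6333AC-2GD,1.6.2
ap-rgv-dock,EKI-6333AC-1GPO,1.1.9
ap-rgv-east,EKI-6333AC-1GPO,1.2.2
sw-core,OTHER-MODEL,3.0.1
"""


def parse_version(text):
    """Turn '1.6.5' into (1, 6, 5) so versions compare numerically, not as
    strings. Non-numeric parts count as 0; short versions are zero-padded."""
    parts = [int(p) if p.isdigit() else 0 for p in text.strip().split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def find_unpatched(inventory_text):
    """Return (hostname, model, firmware, required) for each in-scope device
    running firmware below the fixed version. Models the report does not name
    are skipped rather than guessed at."""
    findings = []
    for line in inventory_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        hostname, model, firmware = [f.strip() for f in line.split(",")]
        required = FIXED_VERSIONS.get(model)
        if required is None:
            continue
        if parse_version(firmware) < parse_version(required):
            findings.append((hostname, model, firmware, required))
    return findings


if __name__ == "__main__":
    for host, model, fw, need in find_unpatched(SAMPLE_INVENTORY):
        print(f"{host}: {model} on {fw}, needs {need}")
```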
The full list of all the flaws, their CVEs, severity scores, and impact on vulnerable devices can be found at this link.
Via The Hacker News