"Unpatched Loytec Building Automation Flaws Disclosed 2 Years After Discovery"

Security researchers at industrial cybersecurity firm TXOne Networks have disclosed the details of 10 unpatched vulnerabilities, discovered more than two years ago, in building automation products made by Austrian company Loytec. The vulnerabilities have been assigned the identifiers CVE-2023-46380 through CVE-2023-46389, and their details were published in three separate advisories on the Full Disclosure mailing list in November.

The researchers noted that the vulnerabilities involve usernames and passwords being transmitted or stored in clear text, missing authentication, the exposure of admin passwords in a registry key, and the exposure of other potentially sensitive information.

According to the researchers, the security holes affect the LINX-212, LINX-151, and LIOB-586 programmable automation stations designed for controlling various building applications, the LVIS-3ME12-A1 touch panels, the LWEB-802 visualization tool, and the L-INX Configurator configuration tool.

The researchers noted that an attacker, in some cases without authentication, could exploit the vulnerabilities to take control of the targeted system and disable building security systems and alarms. Exploiting some of the vulnerabilities is harder, however, because it requires a man-in-the-middle (MitM) position on the network (to capture credentials sent in clear text) or local access to the targeted product (to read credentials stored on it).


SecurityWeek reports: "Unpatched Loytec Building Automation Flaws Disclosed 2 Years After Discovery"

Submitted by Adam Ekwall on