"Flaws in ABB Network Interface Modules Expose Industrial Systems to DoS Attacks"
The industrial technology giant ABB is working on patches for high-severity vulnerabilities affecting Symphony Plus SPIET800 and PNI800, which are network interface modules implemented to enable communications between a control network and a host computer running an engineering tool or a human-machine interface. According to the researchers at the OT cybersecurity firm Verve Industrial who discovered the vulnerabilities, the way in which these impacted products handle certain packets allows an attacker with local access to the control network or remote access to a system server to cause a Denial-of-Service (DoS) condition. This DoS condition can only be addressed by a manual reboot. ABB published an advisory for these vulnerabilities in February, and the US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) recently released an advisory informing organizations that use the affected products about the security risks. The exploitation of the vulnerabilities could disrupt industrial environments as systems connected to the SPIET800 and PNI800 devices will also be affected. This article continues to discuss the potential exploitation and impact of the flaws discovered in ABB network interface modules.