"Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices"
A total of 38 security flaws were discovered in wireless Industrial Internet of Things (IIoT) devices from four different vendors, which presents an attack surface for threat actors seeking to exploit Operational Technology (OT) systems. Threat actors can leverage wireless IIoT device vulnerabilities to gain access to internal OT networks, according to the industrial cybersecurity firm Otorio. They can leverage these flaws to circumvent security layers and infiltrate target networks, putting critical infrastructure at risk or disrupting production. The flaws provide a remote attack entry point, allowing unauthenticated adversaries to establish a foothold and then use it to impact additional hosts, potentially causing major damage. Roni Gavrilov, a security researcher, stated that some of the detected vulnerabilities could be chained to grant an external actor direct access to thousands of internal OT networks via the Internet. Three of the 38 vulnerabilities impact ETIC Telecom's Remote Access Server (RAS) and could be exploited to take full control of devices. The InHand Networks InRouter 302 and InRouter 615 contain five other vulnerabilities that, if abused, can lead to command injection, information leakage, and code execution. This article continues to discuss the potential exploitation and impact of new vulnerabilities found in wireless IIoT devices.