"Industrial Cellular Routers at Risk: 11 New Vulnerabilities Expose OT Networks"

Multiple security flaws have been discovered in the cloud management platforms of three industrial cellular router vendors, which could expose Operational Technology (OT) networks to attacks. The industrial cybersecurity company OTORIO presented its findings at the Black Hat Asia 2023 conference. The 11 vulnerabilities enable Remote Code Execution and complete control over hundreds of thousands of devices and OT networks. Specifically, the cloud-based management solutions provided by Sierra Wireless, Teltonika Networks, and InHand Networks for remotely managing and operating devices contain the vulnerabilities. Successful exploitation of the vulnerabilities could pose significant risks to industrial environments, allowing adversaries to bypass security layers, exfiltrate sensitive data, and remotely execute code on internal networks. The vulnerabilities could also be weaponized to gain unauthorized access to devices on the network and carry out malicious operations such as a shutdown with elevated permissions. This article continues to discuss the potential exploitation and impact of the vulnerabilities found in cloud-based management solutions offered by Sierra Wireless, Teltonika Networks, and InHand Networks. 

THN reports "Industrial Cellular Routers at Risk: 11 New Vulnerabilities Expose OT Networks"