"Critical Flaw in Inea ICS Product Exposes Industrial Organizations to Remote Attacks"
A critical vulnerability in a remote terminal unit (RTU) made by Slovenia-based industrial automation company Inea can expose industrial organizations to remote hacker attacks. The vulnerability came to light after the Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to inform organizations. The vendor has released a firmware update that patches the issue. According to CISA, the security hole, tracked as CVE-2023-2131 with a CVSS score of 10, impacts Inea ME RTUs running firmware versions prior to 3.36. CISA noted that this OS command injection bug could allow remote code execution. The impacted product provides a data interface between remote field devices and the control center through a cellular network. According to CISA, the product is used worldwide in industries such as energy, transportation, and water and wastewater. The vulnerability was discovered and responsibly disclosed by Floris Hendriks, a researcher who is working on getting his master’s degree in cybersecurity at Radboud University in the Netherlands. Hendriks found the vulnerability as part of a bigger research project into the security of ICS remote management devices. The researcher stated that exploitation of CVE-2023-2131 can result in the attacker gaining root privileges on the targeted RTU, which gives them complete control of the device. The potential impact in a real world scenario depends on what the RTU is used for, but the flaw could allow an attacker to cause disruption.