"Critical Vulnerability Could Have Allowed Hackers to Disrupt Traffic Lights"

Researchers at ProtectEM discovered a critical vulnerability in traffic light controllers made by SWARCO, an Austria-based company specializing in traffic management, traffic safety, and road marking, and more. According to the researchers, an open port designed for debugging left SWARCO's CPU LS4000 traffic light controllers vulnerable to being hacked. The open debug port could have allowed hackers to gain root access over the network to which the controllers are connected. With this access, hackers could have disabled or manipulated affected controllers. ProtecEM demonstrated how the exploitation of this vulnerability via an automated attack could have led to the simultaneous deactivation of traffic lights, which would require physical access to each affected controller to fix the problem. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Germany's VDE CERT released advisories about the vulnerability. This article continues to discuss the critical vulnerability affecting SWARCO's CPU LS4000 traffic light controllers regarding its discovery, severity, potential exploitation, and disclosure, in addition to the importance of hardening smart city systems against security threats.

Security Week reports "Critical Vulnerability Could Have Allowed Hackers to Disrupt Traffic Lights"