"InHand Industrial Router Vulnerabilities Expose Internal OT Networks to Attacks"
According to the US Cybersecurity and Infrastructure Security Agency (CISA), a series of vulnerabilities affecting industrial routers made by InHand Networks could allow hackers to bypass security systems and gain access to internal operational technology (OT) networks from the internet. CISA published an advisory last week to inform organizations about five vulnerabilities identified by a researcher at industrial cybersecurity firm Otorio in InHand's InRouter302 and InRouter615 cellular routers. The vendor has released firmware updates that should patch these vulnerabilities. According to CISA, most of the vulnerabilities are related to message queuing telemetry transport (MQTT), and their exploitation could lead to command/code execution and information disclosure. CISA noted that one of the security holes has been assigned a "critical" severity rating, two have been rated "high severity," and two are "medium severity" issues. Matan Dobrushin, VP of research at Otorio, stated that the vulnerabilities impact both the cloud management platform and the device's firmware. The researcher noted that chaining these vulnerabilities together can allow an attacker to remotely execute code as root on all connected InRouter302 and InRouter615 devices directly from the internet. The affected devices are used for industrial robots, oil wells, elevators, medical equipment, electric car charging stations, and smart meters. Dobrushin stated that he is certain that there are tens of thousands of devices that are impacted by these vulnerabilities, affecting thousands of critical sites around the globe.