iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
A chain of vulnerabilities could lead to access points being targeted by denial of service and man-in-the-middle attacks.
Researchers at Nozomi Networks Labs have uncovered a raft of vulnerabilities in an Advantech Wi-Fi access point used across a wide range of challenging environments.
A total of 20 vulnerabilities were identified in firmware version 1.6.2 of Advantech’s EKI-6333AC-2G industrial-grade wireless access point.
The product is used across a range of industries, from warehousing and distribution to automobile assembly lines, and several of the vulnerabilities—rated at Critical—could allow a malicious actor to gain root privileges over the device and execute code remotely.
Attackers have two possible attack vectors: by gaining direct access to the device and crafting malicious requests to target the critical vulnerabilities directly, or using Wi-Fi to execute code on the device from nearby.
Once access is gained, a malicious actor could install a backdoor and gain access to internal resources, conduct denial of service attacks to disrupt production lines and other automated processes or move laterally within a network.
Once lateral movement has been achieved, a malicious actor would be able to capture network credentials via man-in-the-middle attacks.
“These exploits are a good example of a complex attack chain that requires physical/protective security to be breached in addition to a multi-phased technical manipulation of the target device,” Dean Frye, Solutions Architect for Nozomi Networks, told Cyber Daily.
“Cross-site scripting vulnerabilities are an exploitable technique category that ought to be caught in pre-release software testing. IoT vendors should do more to balance cost and speed to market with robust device quality. The vulnerability disclosure also outlines the role humans play in the attack chain via social engineering.
“As a vulnerability numbering authority, Nozomi remains committed to the responsible disclosure of software defects we observe, and to the continual risk reduction we seek to achieve for process automation and control environments.”
Advantech has released firmware updates to address the vulnerabilities on several of its devices. Firmware version 1.6.5 was recently released for EKI-6333AC-2G and EKI-6333AC-2GD devices, and firmware version 1.2.2 for EKI-6333AC-1GPO. The latter two devices were found to be similarly vulnerable to exploitation during the disclosure process between Advantech and Nozomi Networks.
Cyber Daily recently spoke to Dragos’ Logan Carpenter about how the vulnerability process works and some of the challenges it presents to researchers – read the interview here.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
