Industrial Wireless IoT Devices Increase Attack Surface of OT Networks

February 10, 2023

The Otorio researchers noted that these devices are attractive targets to attackers looking for an initial foothold in industrial environments due to the minimal requirements for exploitation and potential impact. Utilizing search engines such as Shodan, they observed widespread exposure of industrial cellular gateways and routers, making them easily discoverable and potentially vulnerable to exploitation. By targeting a single vendor cloud-based management platform, a remote attacker may expose thousands of devices located on different networks and sectors.

The attack surface over the cloud management platform is wide, including exploitation of the web application (cloud user interface), abusing M2M protocols, weak access control policies, or abusing a weak registration process. Different types of local attacks can be used against Wi-Fi and cellular communication channels, starting from attacks on weak encryptions such as WEP and downgrade attacks to the vulnerable GPRS, all the way to complex chipset vulnerabilities such as CVE-2018-4061 and CVE-2022-46649 that may take time to patch.

"Industrial wireless IoT devices and their cloud-based management platforms are attractive targets to attackers looking for an initial foothold in industrial environments," said the Otorio researchers. "Organizations must be aware of the attack vectors these devices are susceptible to and take the necessary steps to protect their networks."

Latest News

• Arris Routers Vulnerable to Remote Code Execution
• Fortinet Releases Security Updates for FortiNAC and FortiWeb
• SolarWinds Patches High-Severity Vulnerabilities
• ProxyShellMiner Exploits Microsoft Exchange Vulnerabilities
• CISA Adds Four Security Vulnerabilities to Known Exploited List