CyberSecurityBoard
Sponsor Register Login

InHand Industrial Router Vulnerabilities Expose OT Networks to Attacks

InHand industrial routers have recently been found to have several vulnerabilities that can potentially let attackers take control of systems connected to the industrial networks. According to a report by security firm CyberX, the vulnerabilities can be exploited both remotely and locally, threatening OT networks that rely on such routers. The vulnerabilities, which are mainly related to authentication, authorization and encryption, can be exploited to execute arbitrary code, information disclosure and denial of service on the target system. The base OS of the router is VxWorks 6.9.4, which is an operating system for embedded systems. The InHand industrial router is mainly used in manufacturing, oil and gas industry, public transport and pharmaceuticals etc. It has more than 30,000 installations in over 30 countries. According to the researchers, these vulnerabilities can allow attackers to gain access to sensitive OT networks, allowing them to monitor, disrupt and damage the affected system. They further noted that such attacks can lead to a disruption in production, resulting in loss of revenue and even illegal access to intellectual property. To mitigate such attacks, it is highly recommended that users of InHand industrial routers upgrade to the latest version of the device and also ensure adherence to air-gapped security policies. It is also important to conduct regular cyber security assessments to prevent and respond to any threats in time.

This Cyber News was published on www.securityweek.com. Publication date: Sun, 22 Jan 2023 10:48:00 +0000


Cyber News related to InHand Industrial Router Vulnerabilities Expose OT Networks to Attacks

InHand Industrial Router Vulnerabilities Expose OT Networks to Attacks - InHand industrial routers have recently been found to have several vulnerabilities that can potentially let attackers take control of systems connected to the industrial networks. According to a report by security firm CyberX, the vulnerabilities can ...
2 years ago Securityweek.com
Recapping Cisco industrial IoT's journey: A year of security, simplification and innovation - In this blog, we'll take a look back at the key topics and trends that defined the industrial IoT journey in 2023. Empowering our industrial customers to digitize and secure operations at the same time has been prevalent in every conversation this ...
1 year ago Feedpress.me
CVE-2025-38248 - In the Linux kernel, the following vulnerability has been resolved: ...
4 months ago
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Palo Alto Networks and IBM to Jointly Provide AI-Powered Security Offerings - PRESS RELEASE. SANTA CLARA, Calif. and ARMONK, N.Y., May 15, 2024 /PRNewswire/ - Palo Alto Networks, the global cybersecurity leader, and IBM, a leading provider of hybrid cloud and AI, today announced a broad-reaching partnership to deliver ...
1 year ago Darkreading.com
CVE-2024-54092 - A vulnerability has been identified in Industrial Edge Device Kit - arm64 V1.17 (All versions), Industrial Edge Device Kit - arm64 V1.18 (All versions), Industrial Edge Device Kit - arm64 V1.19 (All versions), Industrial Edge Device Kit - arm64 V1.20 ...
7 months ago
Hackers Attacking Industrial Automation Systems With 11,600+ Malware Families - Industrial automation systems worldwide are facing an unprecedented scale of cyber threats, with security researchers detecting a staggering 11,679 distinct malware families targeting critical infrastructure in the first quarter of 2025. Securelist ...
6 months ago Cybersecuritynews.com
Ransomware, Data Breaches Inundate OT & Industrial Sector - Three-quarters of industrial firms suffered a ransomware attack in the past year, with far more compromises affecting operational technology than ever before - representing a surge in attacks driven by both the industrial sector's vulnerability and ...
1 year ago Darkreading.com LockBit
CVE-2024-43783 - The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Instances of the Apollo Router running versions >=1.21.0 and < 1.52.1 are impacted by a denial ...
1 year ago
Industrial Defender Risk Signal, a Risk-Based Vulnerability Management Solution for OT Security - PRESS RELEASE. FOXBOROUGH, Mass. , Jan. 3, 2024 /PRNewswire/ - Industrial Defender, the leading provider of OT asset data and cybersecurity solutions for industrial organizations, is excited to announce the launch of the Industrial Defender Risk ...
1 year ago Darkreading.com
Hackers Actively Exploiting Router Vulnerabilities to Attack Enterprise Networks - Security teams should immediately audit their network infrastructure for vulnerable devices, implement network segmentation to isolate router management interfaces, enforce encrypted connections for all administrative activities, and deploy ...
7 months ago Cybersecuritynews.com
Darktrace and Garland Technology Collaborate to Help Businesses Secure Operational Technology Environments - PRESS RELEASE. CAMBRIDGE, England, Jan. 24, 2024 /PRNewswire/ - Darktrace, a global leader in cyber security AI, and Garland Technology, a leading manufacturer of network TAP, aggregator, packet broker, data diode and inline bypass solutions, today ...
1 year ago Darkreading.com
ICS Advisory (ICSA-25-238-03) - CISA - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Industrial Control Systems (ICS) advisory, ICSA-25-238-03, addressing critical vulnerabilities in Schneider Electric's Modicon M580 and M340 Programmable Logic Controllers ...
3 months ago Cisa.gov CVE-2023-34362 CVE-2023-34363
Cyber Insights 2023: ICS and Operational Technology - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. At the same time, ICS/OT is facing an expanding attack surface caused by ...
2 years ago Securityweek.com
CVE-2023-41317 - The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Affected versions are subject to a Denial-of-Service (DoS) type vulnerability which causes the Router to ...
2 years ago
CVE-2024-32971 - Apollo Router is a configurable, graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. The affected versions of Apollo Router contain a bug that in limited circumstances, could lead to unexpected operations being ...
1 year ago
Cisco wins Manufacturing Solution of the Year award for integrating industrial security with networking - Industrial security can be a complex undertaking, and yet OT security is quintessential for modern Industrial IoT operations. IIoT systems generally contain a variety of interconnected systems and technologies, each with its own security needs. Some ...
1 year ago Feedpress.me Patchwork
Coming Soon to Wi-SUN Field Area Network: Versatility to connect sensors with low power and high throughput capabilities - The Catalyst IR8140 Heavy Duty Series Router will be Cisco's first router to support new Capabilities for FAN 1.1. In 2019 the Wi-SUN Alliance introduced the first certified products implementing Field Area Network 1.0, which is a secure, ...
1 year ago Feedpress.me
Palo Alto Networks and Deloitte Expand Strategic Alliance Globally - 1, 2024 /PRNewswire/ -- Palo Alto Networks (NASDAQ: PANW) and Deloitte today announced an expansion of their strategic alliance into EMEA and JAPAC regions, making Palo Alto Networks® AI-powered cybersecurity solutions and joint offerings available ...
1 year ago Darkreading.com
A Leader in 2024 Forrester Enterprise Firewall Solutions Wave - Palo Alto Networks has long recognized these challenges, which is why we’ve built a network security platform that not only protects but also fosters business growth and innovation in today’s complex environment. We believe the recognition of ...
1 year ago Paloaltonetworks.com
React Router Vulnerabilities Let Attackers Spoof Contents & Modify Values - To exploit this vulnerability, an attacker needs no special privileges-they simply add the malicious header to requests targeting pages that use loaders in applications running React Router in Framework mode. The first vulnerability, assigned a CVSS ...
7 months ago Cybersecuritynews.com
IT and OT cybersecurity: A holistic approach - In comparison, OT refers to the specialized systems that control physical processes and industrial operations. OT Technologies include industrial control systems, SCADA systems and programmable logic controllers that directly control physical ...
1 year ago Securityintelligence.com
E80 Group secures its AGVs with Cisco industrial solutions and Italtel system integration - These are the conditions for which E80 Group, an Italian multinational, based in Viano, Italy, builds its autonomous and laser guided vehicles that can move around a facility, transport materials, and interact with other machines and systems in ...
1 year ago Feedpress.me
Industrial Defender Risk Signal integrates threat intelligence and business context - Industrial Defender introduced Industrial Defender Risk Signal, its new risk-based vulnerability management solution. Building upon the company's robust vulnerability assessment capabilities, Industrial Defender Risk Signal intelligently prioritizes ...
1 year ago Helpnetsecurity.com
GE Historian Software Vulnerabilities Can be Exploited by Hackers - Hackers now have the capability to exploit vulnerabilities in General Electric’s (GE) Historian software. Such vulnerabilities could potentially be utilized for industrial espionage, disruption, or other malicious activities. The GE Historian ...
2 years ago Securityweek.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)