Unpatched Loytec Building Automation Flaws Disclosed 2 Years After Discovery

Industrial cybersecurity firm TXOne Networks has disclosed the details of 10 unpatched vulnerabilities discovered by its researchers in building automation products made by Austrian company Loytec more than two years ago.
The vulnerabilities have been assigned the identifiers CVE-2023-46380 through CVE-2023-46389 and their details were disclosed in three separate advisories published on the Full Disclosure mailing list in November.
The vulnerabilities are related to usernames and passwords being transmitted or stored in clear text, the lack of authentication, the exposure of admin passwords in a registry key, and the exposure of other potentially sensitive information.
According to TXOne, the security holes impact LINX-212, LINX-151 and LIOB-586 programmable automation stations designed for controlling various building applications, LVIS-3ME12-A1 touch panels, the LWEB-802 visualization tool, and the L-INX Configurator configuration tool.
An attacker - in some cases without authentication - could exploit the vulnerabilities to take control of the targeted system and disable building security systems and alarms.
Exploiting some of the vulnerabilities is more complicated, as it requires either a man-in-the-middle position on the network or local access to the targeted product.
CVE-2023-46380, CVE-2023-46382, CVE-2023-46383, and CVE-2023-46385 require a MitM position on the network to read sensitive data.
On the other hand, CVE-2023-46382 doesn't require any technical skills.
If the web user interface of the preinstalled version of LWEB-802 is exposed to the internet, anyone could easily access and control it.
We found that some of the projects are exposed on the internet and accessible.
For CVE-2023-46387 and CVE-2023-46389, these files could be easily accessed once an attacker is able to log in as administrator.
These files contain SMTP client credentials used for alert and report functions.
Only CVE-2023-46384 requires local access to the machine on which LINX Configurator is installed.
Anyone who can locally access the machine could steal the password.
The vulnerabilities were initially reported to the vendor through Trend Micro's Zero Day Initiative in October 2021, and the US cybersecurity agency CISA attempted to make contact one year later.
Loytec was unresponsive when contacted by ZDI and CISA, which is why TXOne decided to make its findings public.
Delta Electronics-owned Loytec did not respond to SecurityWeek's request for comment.


This Cyber News was published on www.securityweek.com. Publication date: Tue, 05 Dec 2023 14:43:06 +0000