Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

InHand Industrial Router Vulnerabilities Expose Internal OT Networks to Attacks

Vulnerabilities in industrial routers made by InHand Networks could allow hackers to bypass security systems and gain access to OT networks.

A series of vulnerabilities affecting industrial routers made by InHand Networks could allow hackers to bypass security systems and gain access to internal operational technology (OT) networks from the internet.

The US Cybersecurity and Infrastructure Security Agency (CISA) last week published an advisory to inform organizations about five vulnerabilities identified by a researcher at industrial cybersecurity firm Otorio in InHand’s InRouter302 and InRouter615 cellular routers.

The vendor has released firmware updates that should patch these vulnerabilities.InHand router vulnerabilities

According to CISA, most of the vulnerabilities are related to message queuing telemetry transport (MQTT) and their exploitation could lead to command/code execution and information disclosure.

One of the security holes has been assigned a ‘critical’ severity rating, two have been rated ‘high severity’ and two are medium-severity issues.

Matan Dobrushin, VP of research at Otorio, told SecurityWeek that the vulnerabilities impact both the cloud management platform and the device’s firmware.

“Chaining these vulnerabilities together can allow an attacker to remotely execute code as root on all connected InRouter302 and InRouter615 devices directly from the internet,” Dobrushin explained.

The affected devices are used for industrial robots, oil wells, elevators, medical equipment, electric car charging stations, and smart meters.

“We are certain that there are tens of thousands of devices that are impacted by these vulnerabilities, affecting thousands of critical sites around the globe,” Dobrushin warned.

Advertisement. Scroll to continue reading.

Roni Gavrilov, the Otorio researcher credited for finding these flaws, provided additional information on impact in a LinkedIn post.

“Successful exploitation of industrial wireless IoT may allow an attacker to bypass all of the security layers protecting the internal OT network at once, enabling access directly to connected PLCs, HMIs and field devices on the attacked site, easily impacting the process and potentially propagating the attack to the control center,” the researcher said.

This is not the first time Otorio has found vulnerabilities in InHand routers. In 2021, the company reported finding more than a dozen security flaws in one of the vendor’s cellular routers.

In addition, in 2022, Cisco’s Talos threat intelligence and research unit reported finding 17 vulnerabilities in the InRouter302 product.

Related: 10 Vulnerabilities Found in Widely Used Robustel Industrial Routers

Related: Several Vulnerabilities Expose Phoenix Contact Industrial 4G Routers to Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.