Three vulnerabilities in Advantech’s EKI series of serial device servers could be exploited to execute arbitrary commands on the OS level. Source: CyberDanube The vulnerabilities Serial device servers are networking devices that “network-enable” serial devices (e.g., printer, climate control system, etc.) in an industrial automation environment. CyberDanube researchers Thomas Weber and Sebastian Dietz have analyzed the firmware of Advantech’s EKI-1521-CE, EKI-1522-CE, and EKI-1524-CE series of serial device servers, and unearthed two command injection and one … More
The post Advantech’s industrial serial device servers open to attack appeared first on Help Net Security.