Organizations across multiple critical infrastructure industries worldwide could be remotely compromised in attacks leveraging a critical missing authentication flaw in the Lantronix XPort remote connectivity offering, reports SecurityWeek.
Threat actors exploiting the vulnerable product which is used in water, energy, and critical manufacturing entities, as well as transportation systems could infiltrate the device's configuration interface and facilitate systems hijacking, according to an alert from the Cybersecurity and Infrastructure Security Agency. Such attacks could impact over 1,400 internet-exposed XPort instances, more than 300 of which are in the oil and gas sector, noted Microsec researcher Souvik Kandar, who said that total device takeover resulting from the abuse of the issue could prompt the breach of other systems within the targeted network, operational disruptions, and financial impact. Fixes for the issue have not yet been issued by Lantronix, which urged organizations to use its XPort Edge product instead.
Threat actors exploiting the vulnerable product which is used in water, energy, and critical manufacturing entities, as well as transportation systems could infiltrate the device's configuration interface and facilitate systems hijacking, according to an alert from the Cybersecurity and Infrastructure Security Agency. Such attacks could impact over 1,400 internet-exposed XPort instances, more than 300 of which are in the oil and gas sector, noted Microsec researcher Souvik Kandar, who said that total device takeover resulting from the abuse of the issue could prompt the breach of other systems within the targeted network, operational disruptions, and financial impact. Fixes for the issue have not yet been issued by Lantronix, which urged organizations to use its XPort Edge product instead.
