Several flaws found in serial-to-IP converters used in critical sectors

SecurityWeek reports that Forescout Technologies identified 20 new vulnerabilities in Sliex and Lantronix serial-to-IP converters, or serial device servers, that can be exploited without authentication, potentially exposing healthcare, operational technology, and other systems to remote attacks.

Attackers could weaponize the flaws, which are collectively known as BRIDGE:BREAK, to enable OS command injection, remote code execution, denial-of-service intrusions, firmware tampering, and device hijacking, as well as arbitrary file uploads, authentication evasion, and information gathering, reported Forescout researchers. Actively exploited firmware could prevent serial-to-IP converters from responding on the network.

"Potential impacts include: analyzers stop reporting results to laboratory information systems, creating processing backlogs; surgical lighting controllers become unresponsive to remote commands; infusion pump calibration and certification workflows are halted; telemetry from environmental sensors is interrupted; Patient monitors lose network connectivity," said researchers, who are poised to release more details on the vulnerabilities. Fixes have already been issued by both Lantronix and Silex following Forescout's disclosure.