From equipment damage to shop floor blocking — how will hackers take advantage of a security hole?
Researchers at Nozomi Networks discovered 23 vulnerabilities in the popular Bosch Rexroth Handheld Nutrunner NXA015S-36V-B network wrenches. These high-precision tools are used in factories and factories around the world to tighten fasteners in the production and maintenance of various equipment.
According to experts, vulnerabilities allow you to gain remote access to devices and run arbitrary code on them. The two attack variants demonstrated by the researchers clearly indicate that the consequences can be very, very serious:
A ransomware program deployed on a network wrench
Many of the vulnerabilities discovered can be used for attacks without authentication directly from the enterprise network. Others allow attackers who already have limited access to tool management systems to increase their privileges for full-fledged attacks from an external network.
Bosch Rexroth has confirmed receiving vulnerability data from researchers and promised to release a patch before the end of January 2024.
Experts recommend that businesses operating vulnerable devices install this patch immediately after it is released to reduce the risk of attacks on shop equipment.
Although the probability of mass exploitation of these vulnerabilities is low, there is a risk of targeted attacks by hacktivists or government groups.
Researchers at Nozomi Networks discovered 23 vulnerabilities in the popular Bosch Rexroth Handheld Nutrunner NXA015S-36V-B network wrenches. These high-precision tools are used in factories and factories around the world to tighten fasteners in the production and maintenance of various equipment.
According to experts, vulnerabilities allow you to gain remote access to devices and run arbitrary code on them. The two attack variants demonstrated by the researchers clearly indicate that the consequences can be very, very serious:
- Install a ransomware program on all the workshop wrenches with blocking their management and displaying a ransom demand on the screen. Such a massive attack can permanently stop the entire production cycle, causing multimillion-dollar losses, especially in large companies.
- Imperceptibly change the tightening settings while maintaining normal readings on the wrench screen. This will allow you to secretly loosen or tighten fasteners, which can at best lead to an early failure of the equipment, and at worst - to much more serious consequences. What if hackers decide to lower the torque, for example, when tightening the fasteners of passenger aircraft parts? And before the plane crash is not far away.
A ransomware program deployed on a network wrench
Many of the vulnerabilities discovered can be used for attacks without authentication directly from the enterprise network. Others allow attackers who already have limited access to tool management systems to increase their privileges for full-fledged attacks from an external network.
Bosch Rexroth has confirmed receiving vulnerability data from researchers and promised to release a patch before the end of January 2024.
Experts recommend that businesses operating vulnerable devices install this patch immediately after it is released to reduce the risk of attacks on shop equipment.
Although the probability of mass exploitation of these vulnerabilities is low, there is a risk of targeted attacks by hacktivists or government groups.
