Several significant security flaws were recently identified and patched in routers manufactured by German industrial automation company Helmholz.
The issues were disclosed last week by Germany’s CERT@VDE, which released an advisory detailing eight vulnerabilities in Helmholz’s REX 100 router. This device allows organizations to remotely monitor and manage industrial networks.
Helmholz routers are distributed globally through partners in over 60 countries, including those in North America, Europe, and Asia.
CERT@VDE noted that three of the vulnerabilities are rated high severity. These bugs allow attackers with elevated privileges to run arbitrary operating system commands using specially crafted requests.
The other vulnerabilities are considered medium severity and can be exploited for SQL injection, cross-site scripting (XSS), and denial-of-service (DoS) attacks, including unauthenticated DoS.
The flaws have been addressed in firmware version 2.3.3 for the REX 100 router. Older versions remain vulnerable.
These vulnerabilities were found during lab exercises at an Austrian university, organized by the industrial cybersecurity firm CyberDanube. Despite official CVSS ratings, the company believes some of the issues are more serious than currently classified.
CyberDanube’s Sebastian Dietz reported that although most REX 100 vulnerabilities require authentication, the presence of default login credentials could let attackers bypass this barrier. He also warned that some of the flaws may allow attackers to execute arbitrary code as root, potentially enabling them to disrupt operations, spy on network traffic, or move laterally within an industrial network.
CyberDanube also raised concerns about the router’s constant connection to the vendor’s cloud platform, which allows web-based management of devices across networks. If flaws were discovered in this cloud service, attackers might gain access to other customers’ devices, posing a serious risk.
CyberDanube has published a separate advisory, which includes technical details and proof-of-concept exploit code.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
