Cybersecurity researchers found 22 vulnerabilities in serial-to-IP converters from Lantronix and Silex that could let attackers hijack devices and tamper with data, with nearly 20,000 exposed online globally, according to a technical analysis from Forescout Research Vedere Labs.
KEY FACTS
- Devices affected Lantronix EDS3000PS and EDS5000 series, plus Silex SD330-AC.
- Scope Eight flaws were found in Lantronix products and 14 in the Silex device.
- Risk Issues include remote code execution, authentication bypass, firmware tampering and arbitrary file upload.
- Exposure Nearly 20,000 serial-to-Ethernet converters were identified online.
The vulnerabilities were grouped under the BRIDGE:BREAK name. They could allow attackers to disrupt serial communications, move laterally through a network and alter sensor values or actuator behavior.
The report said a threat actor could first gain access through an internet-exposed edge device such as an industrial router or firewall, then use the flaws to compromise a serial-to-IP converter and modify data moving between serial equipment and an IP network.
Lantronix and Silex have issued security updates for the affected products. Users were also advised to change default credentials, avoid weak passwords, segment networks and keep the devices off the internet.
WHY IT MATTERS
Serial-to-IP converters are used to connect legacy industrial equipment to modern networks, so weaknesses in these devices can create entry points into critical environments. The findings show that exposed hardware in operational technology networks can have direct effects on data integrity and device control.