Westermo Switch Vulnerabilities Can Attack on Industrial Organizations

Westermo-Switch-Vulnerabilities-Can-Attack-on-Industrial-Organizations

 

CISA, the US security agency, told organizations this week that some Westermo Lynx industrial switches are vulnerable to a number of issues, which researchers say can be exploited to tamper with the device.

CISA’s alert identifies eight vulnerabilities in Lynx 206-F2G industrial Ethernet switches, including two high-severity and six medium-severity concerns. Spain-based cybersecurity firm S21sec’s Aarón Flecha Menéndez, Iván Alonso Álvarez, and Víctor Bello Cuevas discovered the flaws.

The researchers told SecurityWeek that several of the security holes are stored cross-site scripting (XSS) bugs that can allow an attacker with non-administrator access to the switch’s web management interface or configuration software to plant malicious code in various places.

Read more: Westermo Switch Vulnerabilities Can Facilitate Attacks on Industrial Organizations

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.