CISA, the US security agency, told organizations this week that some Westermo Lynx industrial switches are vulnerable to a number of issues, which researchers say can be exploited to tamper with the device.
CISA’s alert identifies eight vulnerabilities in Lynx 206-F2G industrial Ethernet switches, including two high-severity and six medium-severity concerns. Spain-based cybersecurity firm S21sec’s Aarón Flecha Menéndez, Iván Alonso Álvarez, and Víctor Bello Cuevas discovered the flaws.
The researchers told SecurityWeek that several of the security holes are stored cross-site scripting (XSS) bugs that can allow an attacker with non-administrator access to the switch’s web management interface or configuration software to plant malicious code in various places.
Read more: Westermo Switch Vulnerabilities Can Facilitate Attacks on Industrial Organizations
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
