Cybersecurity researchers have discovered critical vulnerabilities in industrial VPN implementations primarily used to provide remote access to operational technology (OT) networks that could allow hackers to overwrite data, execute malicious code, and compromise industrial control systems (ICS).
A new report published by industrial cybersecurity company Claroty demonstrates multiple severe vulnerabilities in enterprise-grade VPN installations, including Secomea GateManager M2M Server, Moxa EDR-G902, and EDR-G903, and HMS Networks eWon’s eCatcher VPN client.
These vulnerable products are widely used in field-based industries such as oil and gas, water utilities, and electric utilities to remotely access, maintain and monitor ICS and field devices, including programmable logic controllers (PLCs) and input/output devices.
According to Claroty researchers, successful exploitation of these vulnerabilities can give an unauthenticated attacker direct access to the ICS devices and potentially cause some physical damage.
In Secomean’s GateManager, researchers uncovered multiple security flaws, including a critical vulnerability (CVE-2020-14500) that allows overwriting arbitrary data,…