News Title: Bosch Connected Socket Wrench Exposes 23 Vulnerabilities, Potentially Affecting Production Lines
Keywords: Bosch, connected socket wrench, vulnerabilities, production lines, security risks
News Content:
Security company Nozomi recently published a report stating that the network-capable Bosch Rexroth handheld nutrunner NXA015S-36V-B contains 23 vulnerabilities. In a proof of concept, the vulnerabilities were shown to allow ransomware to be installed on the tool, rendering the wrench unusable. The flaws described in the report include improper authorization, SQL injection, path traversal and hard-coded credentials. Once the device is compromised, an attacker can install ransomware on it, halt the production line and cause large-scale economic losses to the asset owner.
Nozomi notes that these connected wrenches are widely used in automotive manufacturing, where under normal operation they rapidly tighten bolts to a specified torque. The vulnerabilities could therefore bring a production line to a standstill and cause heavy losses for asset owners. An attacker could also hijack the tightening program by manipulating the on-board display, causing hard-to-detect damage to the product being assembled or leaving it unsafe to use.
To demonstrate these vulnerabilities, the researchers obtained root access to the wrench and installed a ransomware sample named "DR1LLCRYPT". According to the researchers, once a connected wrench is compromised the local operator can no longer use its buttons, and the attacker is able to render the tool completely inoperable. The attacker can also alter the graphical user interface (GUI) to display arbitrary messages on the screen, including a ransom demand.
Because such an attack can easily be automated across many devices, an attacker could quickly disable every tool on a production line and cause major disruption to the end asset owner. The report urges affected companies to apply fixes for the vulnerabilities promptly so that production lines keep running safely.
Source: https://www.ithome.com/0/744/508.htm