Hacking serial-to-IP industrial devices from Lantronix and Silex: attacking OT from the internet. ππ¦πππ·ββοΈ
Security researchers Stanislav Dashevskyi and Francesco La Spina presented their research last month on devices used in critical infrastructure: serial-to-IP connectors that allow OT, medical, industrial, and edge devices to connect to the Internet.
The focus of this research: Lantronix and Silex devices. The authors were able to find 23 vulnerabilities in these devices, including 5 critical ones. They also summarize previous attacks on serial-to-IP devices. All in one place!
The authors claim that βserial-to-IP devices are Linux boxes, not much different from networking devicesβ - which means that if you have ever played with a SOHO router and found some security issues there, you have the skills to attack OT systems.
Great news for everyone who wants to get into practical OT cybersecurity! Enjoy the read, and use this knowledge responsibly.
More details:
Weβll eat your serial for breakfast: Exploiting Serial-to-IP Converters in Critical Infrastructure [PDF]: https://i.blackhat.com/Asia-26/Presentations/BHAS26-LaSpina-Well-Eat-You.pdf
