Nozomi uncovers critical flaws in Advantech networks gear
Nozomi Networks has uncovered vulnerabilities in products from Advantech, including industrial-grade wireless access points used across various sectors.
These vulnerabilities, as detailed in a recent analysis by Nozomi Networks Labs, affect Advantech's EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO models. The access points, which are utilised for Wi-Fi connectivity in challenging environments like manufacturing and logistics, were found susceptible to unauthorised remote code execution, potentially compromising device security.
Unauthenticated attackers exploiting such vulnerabilities could gain root privileges, endangering the confidentiality, integrity, and availability of these devices. Nozomi Networks identified 20 vulnerabilities, each assigned a unique CVE identifier, highlighting the serious risk posed to critical infrastructure.
Advantech has responded by releasing updated firmware versions—specifically, v1.6.5 for the EKI-6333AC-2G and EKI-6333AC-2GD models and v1.2.2 for the EKI-6333AC-1GPO model. Asset owners in Australia and New Zealand are urged to implement these updates to safeguard their networks.
Detailed examination of the vulnerabilities indicates two primary attack vectors. The first involves direct interaction with the access point over a network, enabling attackers to send malicious requests. The second vector involves over-the-air attacks, allowing an adversary in physical proximity to the device to execute code on it without any network connection.
This proximity-based threat underscores the capability of malicious users to establish persistent access, launch Denial of Service (DoS) attacks, and facilitate lateral movement. Achieving code execution on a device can enable the creation of backdoors, the maintenance of persistent network access, and potentially the interruption of production lines by affecting network-dependent systems.
Nozomi Networks highlighted a specific over-the-air attack scenario where two vulnerabilities were chained together. This involved exploiting 'CWE-79 – Improper Neutralisation of Input During Web Page Generation (Cross-Site Scripting)' (CVE-2024-50376) and 'CWE-78 – Improper Neutralisation of Special Elements Used in an OS Command' (CVE-2024-50359). This attack vector, utilising rogue access points, is sophisticated as it requires physical proximity but not internal network access, posing a unique threat to industrial facilities.
The combined vulnerabilities demonstrate how special characters embedded in beacon frames, which a device receives without any network connection, can inject arbitrary JavaScript into the web application that network administrators use to manage the access point. That JavaScript can in turn trigger the OS command injection flaw, giving the attacker control over the device itself and a foothold from which to expand control over the network.
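The CWE-79 step described above hinges on an over-the-air string (the SSID carried in a beacon frame) being rendered into an administrator's web page without neutralisation. The following added example, which is not code from Nozomi's analysis or from Advantech's firmware, parses the SSID out of a constructed 802.11 tagged-parameter blob, contrasts an illustrative vulnerable rendering with an output-encoded one, and adds a survey check that flags SSIDs carrying HTML metacharacters; the rendering functions are hypothetical and stand in for whatever the real web UI does.

```python
import html

# Constructed 802.11 tagged parameters: an SSID element (ID 0) carrying HTML
# metacharacters, followed by a Supported Rates element (ID 1). Sample data
# built for this example, not a frame captured from the affected products.
SAMPLE_TAGGED_PARAMS = (
    bytes([0x00, 11]) + b'Dock-7<b>&"'
    + bytes([0x01, 3, 0x82, 0x84, 0x8B])
)

def parse_tagged_params(data: bytes) -> dict:
    """Walk the TLV-style tagged parameters of a beacon or probe-response body.
    Each element is: 1-byte element ID, 1-byte length, then `length` value bytes."""
    elements = {}
    i = 0
    while i + 2 <= len(data):
        elem_id, length = data[i], data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) < length:  # truncated element: stop rather than over-read
            break
        elements.setdefault(elem_id, value)  # keep the first occurrence of each ID
        i += 2 + length
    return elements

def extract_ssid(data: bytes) -> str:
    """The SSID is element ID 0, at most 32 octets, and must be treated as
    untrusted text: anyone in radio range can choose its contents."""
    raw = parse_tagged_params(data).get(0, b"")[:32]
    return raw.decode("utf-8", errors="replace")

def render_ssid_row_vulnerable(ssid: str) -> str:
    # Hypothetical CWE-79 pattern: the over-the-air string lands in the admin
    # page verbatim, so browser-significant characters keep their meaning.
    return f"<td>{ssid}</td>"

def render_ssid_row_safe(ssid: str) -> str:
    # Output encoding turns <, >, &, " and ' into entities before the browser
    # sees them, which removes the injection step the article describes.
    return f"<td>{html.escape(ssid, quote=True)}</td>"

def ssid_is_suspicious(ssid: str) -> bool:
    """Defender check for wireless surveys: SSIDs containing HTML/JS
    metacharacters, or exceeding the 32-octet limit, are not normal site
    names and are worth alerting on."""
    return any(ch in ssid for ch in '<>&"\'') or len(ssid.encode()) > 32
```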
Following the disclosure, Advantech's swift release of updated firmware is intended to mitigate these risks. Stakeholders are advised to apply these fixes to prevent potential exploitation through devices embedded in their operational networks.