Critical Vulnerabilities Expose mbNET.mini and Helmholz Industrial Routers to Attacks

Recent findings from Germany’s CERT@VDE have unveiled critical and high-severity vulnerabilities in mbNET.mini and Helmholz industrial routers that could lead to full device compromise. 🔒💻 This alarming discovery underscores the need for robust cybersecurity measures in industrial environments.

The vulnerabilities were identified by Moritz Abrell from German cybersecurity firm SySS and disclosed responsibly to MB Connect Line, the parent company of mbNET.mini. The critical vulnerabilities tracked as CVE-2024–45274 and CVE-2024–45275, allow unauthenticated remote hackers to execute arbitrary OS commands and gain complete control over affected devices. This is primarily due to missing authentication and hardcoded credentials.

CVE-2024–45274 and CVE-2024–45275: Critical vulnerabilities allowing complete device compromise.Additional high-severity vulnerabilities lead to privilege escalation and information disclosure.

The vulnerabilities affect devices that serve as VPN gateways for industrial environments. If exploited, they can grant attackers access to sensitive information and control over industrial control systems (ICS). For instance, an attacker with physical access could easily compromise the device and install malware, posing severe risks to operational security.

Attacks on ICS can have far-reaching consequences, impacting not just individual devices but entire industrial operations.The ability to obtain sensitive information, like VPN credentials, can lead to further attacks on critical infrastructure.

This incident highlights a crucial need for industrial router manufacturers to prioritize cybersecurity. Regular penetration testing should be an integral part of their security strategy to identify and address vulnerabilities proactively. At WireTor, we specialize in providing comprehensive penetration testing services tailored to safeguard industrial environments and enhance system security.

🌐 Why Choose WireTor?

Expert team in cybersecurity solutionsTailored penetration testing to uncover and mitigate vulnerabilitiesCommitment to ongoing support and actionable insights

Don’t leave your industrial systems vulnerable to attacks. Contact WireTor for expert guidance and services that can help secure your operations against emerging threats.

👉 Follow for pentest service page and stay updated on the latest cybersecurity news! https://www.linkedin.com/company/wiretor