Industrial cybersecurity company OTORIO announced it had discovered vulnerabilities in industrial remote access software solutions provided by B&R Automation and mbConnect. OTORIO’s researchers found multiple critical vulnerabilities in B&R’s SiteManager and GateManager, and mbConnect’s mbConnect24.
“Looking at industrial cybersecurity in a holistic way, products such as B&R’s and mbConnect can become potential ‘weak links’ in the security chain,” said Matan Rudis, OTORIO Threat Intelligence & Penetration Test Team Leader, in a press release. “OTORIO thanks B&R and mbConnect for their swift action and the seriousness with which they handled the issue.”
SiteManager and GateManager allow operations professionals to service and maintain industrial machines remotely. The solutions allow technicians and engineers to retrieve logbook entries, application data and more.
OTORIO identified six new vulnerabilities in the solutions. These vulnerabilities could allow an attacker who has gained authorized access to view sensitive information about other users, their assets and their processes. Additionally, the vulnerabilities could enable hackers to trigger a repeated restart of both the GateManager and the SiteManager, which could potentially lead to a loss of availability and production shutdown.
mbConnect24 is used mostly for remote connection to industrial assets. The solution’s servers act as hubs that serve multiple endpoints, and sometimes even multiple clients.
OTORIO researchers discovered a number of vulnerabilities in mbConnect24’s industrial remote access software that could result in data collection and manipulation.
“…[I]n order to avoid potential breaches to their production facilities, organizations should quickly react to known vulnerabilities and follow the advice and guidance provided by their system providers,” Rudis said in the release.