Industrial firms potentially vulnerable to attacks using PiiGAB flaws

SecurityWeek reports that industrial organizations could be impacted by severe remote hacking attacks leveraging nine security vulnerabilities in PiiGAB's M-Bus 900s gateway/converter instances. Threat actors could exploit the devices' critical and high-severity flaws, which include cross-site request forgery, cross-site scripting, weak password, code injection, and login attempt rate limiting, as well as credentials that were hardcoded and are in plaintext, according to security researchers Floris Hendriks and Jeroen Wijenbergh, who discovered the vulnerabilities, some of which do not need privileges for abuse. "As these devices are connected to industrial control systems such as PLCs, sensors, and actuators, hacking them can have significant impact on the industrial processes. Using the exploits, an attacker is able to remotely gain (root) control over the PiiGAB device. Consequently, an attacker can, for example, conduct network pivoting, which allows an attacker to gain access to the local industrial network," said the researchers. The Cybersecurity and Infrastructure Security Agency has already issued an advisory on the vulnerabilities.