Industrial orgs at risk of attacks leveraging Westermo switch flaws

SecurityWeek reports that industrial organizations have been warned by the Cybersecurity and Infrastructure Security Agency regarding eight vulnerabilities impacting Westermo Lynx 206-F2G industrial Ethernet switches. Many of the flaws were cross-site scripting issues, which could be exploited to facilitate web management interface and configuration software compromise with malicious code even without non-administrator access, according to S21sec researchers who discovered the flaws. Threat actors could also leverage a cross-site request forgery bug, as well as cross-origin resource sharing and code injection vulnerabilities, to enable further compromise. "An attacker with remote access to the device could inject malicious code to modify the behavior of the devices web functionalities, modify the communications managed by the switch or deny access to users," said S21sec researchers. Patches have already been issued for the CSRF issue but fixes for the other vulnerabilities are still on the way, said Westermo in a statement to CISA.