The OT devices that translate machine talk into Internet-speak are riddled with vulnerabilities and more frequently targeted for attacks, researchers say.

DR (DZone Research) offers insights into software development trends, industry surveys, and technology adoption patterns, providing reports, whitepapers, and analyst insights to help businesses make informed decisions and stay competitive in the ever-evolving tech landscape. By exploring DR's curated content, developers can gain insights into emerging technologies, developer preferences, and industry best practices for building innovative and market-leading software solutions. Whether you're a startup founder, product manager, or tech executive, DR offers resources to guide your strategic planning and drive business success.

Dark Reading

Forescout researchers discovered 20 new vulnerabilities in popular serial-to-IP converter models from Lantronix and Silex, including five RCE flaws in the EDS5000PS and a critical 9.8 CVSS password-change bypass in the EDS3000PS. Beyond new bugs, scanning firmware stacks revealed an average of 212 known OSS vulnerabilities and 2,255 kernel bugs per device, with exposure to 89 publicly available exploits on average. These devices — which bridge legacy industrial machinery to IP networks — are increasingly targeted in major OT attacks like the 2015 Ukraine power grid hack. Compounding the risk, most devices run outdated Linux kernels without modern binary hardening techniques like ASLR, making exploitation straightforward. The market for these devices is expected to grow, not shrink, over the coming decade.

Serial-to-IP Devices Hide Thousands of Old and New Bugs

Critical Vulnerabilities in Serial Converters

Thousands of Bugs in Serial-to-IP Software Stacks