USA: IOActive, Inc., a leading provider of application security, compliance and smart grid security services, announced that company security consultant Ruben Santamarta uncovered hard-coded user accounts that could act as backdoors in two devices from German industrial automation manufacturer TURCK.
The affected devices from TURCK, which could be exploited remotely, are the BL20 and BL67 Programmable Gateways.
These devices, used primarily in the US, Europe and Asia, are deployed across many industries, including agriculture and food, automotive and critical manufacturing.
“These hard-coded user accounts pose a significant threat to organizations that have deployed the vulnerable TURCK devices. Any attacker with knowledge of the credentials can effectively remotely control the devices and wreak havoc on the network - easily disrupting or shutting down critical production lines. Affected organizations should immediately apply the updated firmware from TURCK to remove these backdoors,” said Ruben Santamarta, security consultant for IOActive.
“It is both surprising and disappointing that hard-coded user accounts like these continue to crop up in Industrial Control Systems. Vendors and purchasers of such critical technologies should take great care to ensure that similar vulnerabilities do not affect future product lines. The industry as a whole still has a long way to go in implementing secure development lifecycle principles.”