Vulnerabilities in industrial Ethernet switches allow for credential theft, denial-of-service attacks
Researchers with Positive Technologies have uncovered serious security vulnerabilities in industrial Ethernet switches manufactured by Moxa. The flaws can enable threat actors to take control of switches through brute-force attacks, or to take switches down by launching denial-of-service attacks.
Attacks on the switches can have major consequences since they are used in critical energy and transportation infrastructures. Despite this, the research shows that very little thought went into the security features of the switches, as even basic security measures like password encryption were not implemented.