Hackers can compromise intranet-connected keys – and it’s much more dangerous and disruptive than it sounds, with ransomware a possible end threat.
Cybersecurity researchers from Nozomi published a report claiming to have found nearly twenty vulnerabilities in a device called Bosch Rexroth Handheld Nutrunner NXA015S-36V-B. This is a wireless, intranet-connected wrench that engineers use to tighten bolts to a precise torque.
As the researchers explain, having bolts that are too loose or too tight can cause some hardware to overheat and even cause a fire. Other failure scenarios are also possible.
Patch in progress
With Nutrunner, engineers get a torque level indicator display, backed by a certification from the Association of German Engineers, which was adopted in 1999. This allows the engineers to ensure that they are tightening the bolts to exactly the right torque level. .
However, the discovered vulnerabilities allow hackers to tamper with the device and cause major damage. For example, the display can show the correct torque level when the bolts were actually too loose or too tight. Furthermore, hackers can install ransomware on the devices and prevent the technicians from even viewing the pairing levels before paying the ransom.
The 23 flaws have a vulnerability score of 5.3 to 8.8, it said.
Users can control the device’s firmware, called NEXO-OS, through a browser-based management interface. Therefore, hackers would also need access to this interface to exploit the flaws. But even low privileges allow hackers to create an attack chain that uses a traversal vulnerability to deploy malware, the researchers explain. Even unauthenticated hackers can crack the keys by linking the traversal flaw to the hardcoded account vulnerability, for example.
Bosch was informed of the findings and said they would work on a solution. The patch (or patches) should be available by the end of the month.
Through ArsTechnica