As more companies rely on remote access systems to maintain production, discovering remote access vulnerabilities becomes a top priority. OTORIO’s Pen-Testers have recently found more than 20 critical security flaws in a popular industrial remote access solution, MBConnect. Attackers can take advantage of the vulnerabilities to shut down industrial production floors, break into company networks, tamper with data, or steal sensitive business information.
OTORIO’s Research penetration testers (PT) performed a penetration test for one of its customers. The customer used MBConnect’s web-based remote access service (mbConnect24) as their primary remote access solution.
During the test, OTORIO’s PT detected vulnerabilities in the MBConnect solutions. Some detected vulnerabilities can be exploited by unauthenticated users, while others require authentication.
The team managed to take over the mbConnect24 servers and gained full access to all information stored on those servers, including customer-sensitive information and sensitive MBConnect data such as source code. Taking over the mbConnect24 servers is only one of several potential attack techniques found by the team.
Attackers can take advantage of the MBConnect vulnerabilities to cause severe damage, including:
A recent Gartner report measured the time it takes attackers to exploit a vulnerability from the day it was announced. The study found that the average time-to-exploit of a vulnerability has dropped significantly from over 30 days in 2016 to just 2.5 days in 2019. It means that organizations should quickly react to known vulnerabilities and follow their system providers’ advice and guidance to avoid potential breaches to their production facilities.
OTORIO works alongside leading vendors such as MBConnect to ensure that attackers do not gain the ability to impact OT assets through the internet and that daily operations and productivity remain safe and efficient.
OTORIO also develops secure-by-design remote access solutions, utilizing OTORIO’s industrial cybersecurity research team’s deep expertise and OTORIO’s Pen-Testers vast experience. To learn more about OTORIO’s remote access solution, click here.