OT Networks Vulnerable: 11 New Security Flaws Found in Industrial Cellular Routers

Israeli industrial cybersecurity firm OTORIO has recently uncovered 11 security vulnerabilities in cloud management platforms associated with three industrial cellular router vendors: Sierra Wireless, Teltonika Networks, and InHand Networks. The vulnerabilities could expose operational technology (OT) networks to external attacks, allowing remote code execution and full control over hundreds of thousands of devices and OT networks, including those not configured to use the cloud. These vulnerabilities, presented at the Black Hat Asia 2023 conference, could also be used to obtain unauthorized access to devices, perform malicious operations, and exfiltrate sensitive information.

Weak asset registration mechanisms, flaws in security configurations, and external APIs and interfaces are the three attack vectors that could be exploited to compromise and take over cloud-managed IIoT devices through their cloud-based management platforms. The six flaws impacting Teltonika Networks were discovered following "comprehensive research" carried out in collaboration with Claroty. OTORIO has warned that cloud-managed devices pose a "huge" supply-chain risk and that a single vendor compromise can act as a backdoor for accessing several OT networks in one sweep.

As the deployment of IIoT devices becomes more popular, it's important to be aware that their cloud management platforms may be targeted by threat actors. The vulnerabilities pose severe risks to industrial environments, making it crucial for industrial organizations to take proactive measures to secure their networks and prevent unauthorized access.