Photo of Various Wrenches
© Thusbaudin Ph/Shutterstock.com
Hackers can leverage security weaknesses in a widely-used Bosch Rexroth smart wrench to install ransomware on the device and cause “potentially dangerous accidents” by altering its settings.

Nozomi Networks Labs found 23 vulnerabilities affecting the Bosch Rexroth Nutrunner NXA015S-36V-B cordless wrench. In a blog post on Tuesday, Nozomi Networks said, “these vulnerabilities could make it possible to implant ransomware on the device, which could be used to cause production line stoppages and potentially large-scale financial losses to asset owners.”

While Bosch Rexroth has said it’s working on an update to fix the security issues, a patch won’t be available until the end of this month.

Implanting Ransomware, Hijacking ‘Tightening Programs’

Hackers can exploit vulnerabilities in the Bosch Rexroth Nutrunner NXA015S-36V-B to gain root privileges and install malicious software such as ransomware on the device. Malicious actors could also alter safety-critical “tightening programs while manipulating the onboard display, causing undetectable damage to the product being assembled or making it unsafe to use,” Nozomi Networks said in its blog post.

The vulnerable firmware (the software that controls the device’s core functions) running on the Bosch Rexroth smart wrench is called “NEXO-OS.” While the majority of these flaws affect the management web application, a few were found in the parts of the OS that handle the device’s communication with other equipment.

Nozomi Labs warned that hackers can access the device without requiring authentication, shut down an entire assembly line, and demand a huge cryptocurrency ransom, leading to millions in losses. If unresolved, companies might also need to recall thousands of faulty products.

Security Recommendations

It’s not uncommon for cyber risks to cause disruption in the industrial sector. In 2022, automotive part maker DENSO suffered a ransomware attack, resulting in a significant data leak, while Toyota had to suspend production across Japanese plants due to a cyberattack on a major parts supplier.

Until Bosch Rexroth resolves the security weaknesses, Nozomi Labs recommends the following remediation measures:

  • Limit who and what can connect to your device. Since some attacks don’t need any action from you to work (0-click unauthenticated root RCE), ensure only trusted people and computers/servers can talk to your device.
  • Check who has access to your device. Some attacks need a user to be logged in, so go through your user accounts and remove any that aren’t needed.
  • Be careful with links and websites. Some vulnerabilities can be exploited when logged into the device’s management web app. Don’t click on suspicious links or visit unknown websites while logged in to this app.
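The first recommendation, restricting which hosts can talk to the wrench at all, is the one that blunts the unauthenticated, zero-click issues, so here is an added example of how to express it as a network rule. This is illustrative code written for this article, not Bosch Rexroth or Nozomi Networks code; it assumes the wrench sits behind a Linux gateway running nftables, that the management web app is reached on TCP ports 80 and 443, and uses a placeholder wrench address (192.0.2.10) and a constructed allowlist file of trusted hosts. Everything else to the wrench is logged and dropped.

```shell
#!/bin/sh
# Added example (not from the article, Bosch Rexroth or Nozomi Networks):
# build an nftables ruleset that lets only an allowlist of hosts reach the
# wrench's management web interface and drops all other inbound traffic to it.
# Assumptions (placeholders, not from the article): the wrench is behind a
# Linux gateway, its management app listens on TCP 80/443, and trusted hosts
# are listed one IPv4 address per line in an allowlist file.

WRENCH_IP="${WRENCH_IP:-192.0.2.10}"   # placeholder address of the wrench
MGMT_PORTS="${MGMT_PORTS:-80, 443}"    # assumed management web app ports

# read_allowlist FILE -> prints the trusted hosts as a comma-separated list,
# skipping blank lines and '#' comments.
read_allowlist() {
    grep -v '^[[:space:]]*#' "$1" | grep -v '^[[:space:]]*$' | paste -sd, -
}

# build_ruleset FILE -> prints an nftables ruleset to stdout.
# The chain only touches traffic addressed to the wrench; other forwarded
# traffic on the gateway is left alone (policy accept).
build_ruleset() {
    hosts=$(read_allowlist "$1")
    cat <<EOF
table inet wrench_guard {
    set trusted_hosts {
        type ipv4_addr
        elements = { $hosts }
    }
    chain forward {
        type filter hook forward priority 0; policy accept;
        # keep established sessions alive
        ct state established,related accept
        # only allowlisted hosts may reach the management web app
        ip daddr $WRENCH_IP tcp dport { $MGMT_PORTS } ip saddr @trusted_hosts accept
        # everything else to the wrench is logged and dropped
        ip daddr $WRENCH_IP log prefix "wrench-blocked: " drop
    }
}
EOF
}

# Typical use (requires root to apply):
#   build_ruleset trusted_hosts.txt > wrench_guard.nft
#   nft -c -f wrench_guard.nft   # syntax check only
#   nft -f wrench_guard.nft      # load the ruleset
```

Logging the dropped connections matters as much as dropping them: a flood of "wrench-blocked" entries from an unexpected source is the signal that someone on the plant network is probing the device before the patch lands.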

If you use smart devices at home or work, it’s important to understand the potential cybersecurity risks they could be exposed to. For instance, did you know that even your digital home thermostat can be hacked?
