Rapid7 security man Tod Beardsley says new firmware released to patch hardcoded SSH keys in Advantech EKI industrial control system gateways contains known brutal flaws including Shellshock, Heartbleed, and buffer overflows.
A module for the Metasploit hacking box has been published to help attackers hose the zero day holes in systems reachable through the internet.
The EKI-122X series hardware last month was found to contain hardcoded SSH keys that mean remote attackers could eavesdrop on the devices.
Fixed software crushed that vulnerability but opened the hardware up to the very public and dangerous Shellshock vulnerability revealed in September last year to be affecting great swathes of the internet.
Heartbleed graced the internet in April that year revealing a devastating hole in the OpenSSL library allowing easy access to vulnerable systems from banking platforms to VPNs. It remains a current threat to some 200,000 devices.
The gateways are also vulnerable to various lesser known holes including DHCP stack-based buffer overflows (CVE-2012-2152).
"All three issues require an update from the vendor in order to update the shipping software to versions patched against the named issues," Beardsley says.
"End users of these devices are advised to ensure that these devices are not reachable by untrusted networks such as the internet."
Advantech was first contacted about the flaws 11 November.