CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Critical vulnerabilities and embedded risks in serial-to-IP industrial converters disclosed

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Security researchers disclosed 20 new vulnerabilities across popular serial-to-IP converter models used in industrial networks, including multiple critical remote code execution (RCE) flaws with CVSS ratings up to 9.8. Thousands of additional known vulnerabilities were identified in the underlying software stacks of these devices, which rely on outdated libraries and end-of-life operating systems. Serial-to-IP converters bridge legacy industrial machinery with modern networks, making them critical targets in OT cyberattacks such as the 2015 Ukrainian power grid incident. Despite their role in enabling SCADA and remote monitoring, industry projections indicate the market for these devices will grow over the next decade, exacerbating exposure risks. The research highlights systemic security deficiencies, including unpatched firmware, lack of binary hardening, and exploitable default configurations.

Timeline

  1. 21.04.2026 00:00 1 articles · 2h ago

    Newly disclosed vulnerabilities in Lantronix and Silex serial-to-IP converters expand OT attack surface

    Forescout disclosed 20 new vulnerabilities across major serial-to-IP converter models, including critical RCE and authentication bypass flaws. Researchers also identified thousands of known vulnerabilities in device firmware stacks due to outdated components and end-of-life OS kernels, highlighting systemic weaknesses in OT bridging devices. Converters such as Lantronix EDS3000PS/EDS5000PS and Silex SD330-AC are foundational to legacy-to-IP integration across industrial sectors, and their exposure poses risks to SCADA integrity and operational safety.

    Show sources
    Open in new tab

Information Snippets

  • Forescout researchers identified 20 previously undisclosed vulnerabilities across models Lantronix EDS3000PS, EDS5000PS, and Silex SD330-AC, including 5 RCE flaws in EDS5000PS and a critical authentication bypass in EDS3000PS (CVE-2025-70082) enabling device takeover and admin lockout.

    First reported: 21.04.2026 00:00
    1 source, 1 article
    Show sources

  • Eight of the new flaws include two critical RCE vulnerabilities in EDS5000PS rated CVSS 9.8, and one critical issue in EDS3000PS allowing password changes without old-password verification, granting full access and privilege escalation.

    First reported: 21.04.2026 00:00
    1 source, 1 article
    Show sources

  • Forescout estimates over 10 million serial-to-IP converters globally, with tens of thousands inadvertently exposed on the open internet, compounding attack surface for OT environments.

    First reported: 21.04.2026 00:00
    1 source, 1 article
    Show sources

  • Analysis of firmware stacks revealed an average of 212 known vulnerabilities per device in open-source components and 2,255 kernel bugs due to outdated Linux versions; 63 critical vulnerabilities were identified across samples.

    First reported: 21.04.2026 00:00
    1 source, 1 article
    Show sources

  • Researchers demonstrated that exploitation can alter sensor data (e.g., thermometer readings) and transmitted data (e.g., barcode inputs), enabling integrity attacks on industrial processes and SCADA systems.

    First reported: 21.04.2026 00:00
    1 source, 1 article
    Show sources

  • No binary hardening techniques such as ASLR are consistently applied across devices, leaving memory layouts predictable and enabling reliable exploitation despite mitigation potential.

    First reported: 21.04.2026 00:00
    1 source, 1 article
    Show sources