CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

ICS/OT·Vulnerabilities

Vulnerabilities Expose Helmholz Industrial Routers to Hacking

Eight vulnerabilities, including ones allowing full control over a device, have been discovered and patched in Helmholz REX 100 industrial routers. The post Vulnerabilities Expose Helmholz Industrial Routers to Hacking appeared first on SecurityWeek.

Industrial router vulnerabilities

Several potentially serious vulnerabilities were recently found and patched in routers made by Germany-based industrial and automation solutions provider Helmholz.

The existence of the security holes came to light last week, when Germany’s CERT@VDE published an advisory describing eight vulnerabilities discovered in Helmholz’s REX 100 router, which enables organizations to remotely access and manage industrial networks.

Helmholz routers are used worldwide, distributed through a network of partners across 60 countries, including in North America, Europe and Asia.

According to CERT@VDE’s advisory, three of the vulnerabilities have a ‘high severity’ rating, all of them allowing an attacker with high privileges to execute arbitrary OS commands using specially crafted requests. 

The remaining issues, classified as ‘medium severity’, can be exploited for SQL injection, XSS, and DoS attacks (including unauthenticated DoS). 

The vendor has patched the vulnerabilities with the release of firmware version 2.3.3 for REX 100 routers. Prior firmware versions are impacted. 

The vulnerabilities were discovered during lab exercises organized at an Austrian university by industrial cybersecurity company CyberDanube, which, despite their official CVSS scores, believes some of the flaws are critical.

CyberDanube’s Sebastian Dietz told SecurityWeek that while a majority of the REX 100 vulnerabilities require authentication for exploitation, the devices have default credentials that could allow an attacker to overcome this requirement. 

Dietz explained that some of the flaws can allow an attacker to execute arbitrary code on the targeted device as root, enabling them to cause disruption, intercept communications, or pivot to other systems on the network.

Another potential security risk flagged by CyberDanube is related to the fact the industrial router is permanently connected to the vendor’s cloud environment, which enables users to manage and configure devices on an industrial network through a web interface.

If attackers were to find vulnerabilities in the implementation of this cloud system, they may be able to reach other customers’ devices, which could have ‘devastating’ consequences, Dietz speculated. 

CyberDanube has published its own advisory for the vulnerabilities, including technical details and PoC exploit code.

Learn More at SecurityWeek’s ICS Cybersecurity Conference
The leading global conference series for Operations, Control Systems and OT/IT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.
ICS Cybersecurity Conference
October 27-30, 2025 | Atlanta
www.icscybersecurityconference.com

Related: Critical Vulnerabilities Expose mbNET.mini, Helmholz Industrial Routers to Attacks

Related: Four-Faith Industrial Router Vulnerability Exploited in Attacks

Related: Train Brakes Can Be Hacked Over Radio—And the Industry Knew for 20 Years

Latest News

CYBERNEWSMEDIAPublisher