Log4Shell Vulnerability Risks for OT Environments — and How You Can Better Protect Against Them


You’d have to look far and wide to find an IT professional who isn’t aware of (and probably responding to) the Log4Shell vulnerability. The Operational Technology (OT) sector is no exception, but the exact exposure the vulnerability poses to OT technology has yet to be fully uncovered.


The vulnerability was first made public earlier this month and you can learn more about it here, including information on the most recent patch. As the IT world continues to fortify its networks to defend against possible intrusions, OT environments may require a more focused approach.


The Potential Risk for the OT Sector


While we’re not aware of any published OT compromises, OT environments are an easy target for attackers looking to exploit Log4j, given how pervasive the library is in Java programs developed over the past decade.


One potential vector could target companies that have OT networks. Think about this hypothetical scenario: an attacker could gain initial access to the IT network through a vulnerable soft phone management system. After setting up that system to act as a proxy into the internal network, they may discover a vulnerable logging and monitoring system configured as dual homed for information collection. With access to such a system on both networks, an attacker could then begin directly accessing OT technology — which may be insecure by design — or the attacker could access engineering workstations and HMIs that may be directly connected to unauthenticated OT devices.


For all the types of devices mentioned in this potential scenario, at least one public advisory has been issued for a Log4Shell-related vulnerability.


Therefore, the Log4Shell vulnerability can affect the key technologies that comprise and support O ..
