

Ethical Hacking News

Critical BRIDGE:BREAK Flaws Expose 20,000 Devices to Hijacking and Data Tampering



Researchers at Forescout Research Vedere Labs have discovered 22 critical BRIDGE:BREAK flaws in serial-to-IP devices from Lantronix and Silex Technology. The vulnerabilities allow attackers to take control of these converters and manipulate the data they transmit, creating serious risks for industrial and enterprise environments.

  • Researchers at Forescout Research Vedere Labs discovered 22 critical BRIDGE:BREAK flaws in serial-to-IP devices from Lantronix and Silex Technology.
  • The vulnerabilities pose a significant threat to industrial and enterprise environments, where these devices are commonly used.
  • About 20,000 devices are exposed online, allowing attackers to take control of serial-to-IP converters and manipulate data they transmit.
  • The potential impact of these vulnerabilities is significant, as attackers could use them to shut down communications or alter sensor readings, impacting industrial processes or healthcare devices.
  • Experts urge organizations to patch their systems, replace default credentials, and enforce strong passwords, as well as keep serial-to-IP converters off the internet.


    In a disturbing revelation that has sent shockwaves through the cybersecurity community, researchers at Forescout Research Vedere Labs have discovered 22 critical BRIDGE:BREAK flaws in serial-to-IP devices from two prominent manufacturers, Lantronix and Silex Technology. The researchers uncovered these vulnerabilities during an exhaustive analysis of firmware from major serial-to-IP vendors. The flaws pose a significant threat to industrial and enterprise environments, where these devices are commonly used.

    Serial-to-IP converters, also known as serial device servers, connect legacy serial equipment to modern IP networks for remote monitoring and control. They have become an essential component in various sectors, including energy (RTUs, relays), industry (PLCs), retail (POS systems), and healthcare (patient monitors). These devices allow organizations to integrate older hardware into TCP/IP networks without replacing existing systems, improving connectivity while extending equipment lifespan.

    However, the discovery of these critical flaws has left experts concerned about the potential risks associated with serial-to-IP converters. The researchers at Forescout Research Vedere Labs found that around 20,000 devices are exposed online, and attackers can take control of these converters and manipulate the data they transmit, creating serious risks for industrial and enterprise environments.

    "The discovery of 22 new vulnerabilities in hardware from device makers: Lantronix and Silex," reads a report published by Forescout. "Also known as 'serial-to-IP' and 'serial device servers', these innocuous 'bridge' devices are exploitable across critical infrastructure industries, including utilities, healthcare, manufacturing, retail, financial services, transportation, and more." The report further states that some of these vulnerabilities allow attackers to take full control of mission-critical devices connected via serial links.

    The researchers identified up to eight vulnerabilities in Lantronix devices (EDS3000PS and EDS5000 series) and 14 in Silex Technology SD330-AC. A deeper review uncovered 22 new flaws in Lantronix and Silex Technology products, including remote code execution, authentication bypass, firmware tampering, and data exposure.

    The potential impact of these vulnerabilities is significant, as attackers could use them to shut down communications (DoS), move laterally across industrial networks, or manipulate data in transit. This means they could alter sensor readings or change commands sent to machines, impacting industrial processes, energy systems, or even healthcare devices.

    In power grids, devices such as protection relays track voltage and can trigger breakers via SCADA systems, while factories connect CNC machines for centralized control. These setups often rely on serial-to-IP converters. A typical attack starts when an attacker gains access through exposed edge devices like VPNs or routers. They then exploit vulnerabilities in the converter (e.g., weak authentication or RCE) to take control. Once inside, they can manipulate data in transit—altering sensor readings or commands.

    Such manipulation can impact railway signaling, fire alarm systems, or fuel management, causing operational disruption or safety risks. The potential consequences of these vulnerabilities are far-reaching and could have significant impacts on the global economy.

    Both Lantronix and Silex addressed the identified vulnerabilities with the following releases:

    * Lantronix EDS3000PS Series
    * Lantronix EDS5000 Series
    * Silex

    In light of this discovery, experts urge organizations to take immediate action to patch their systems, replace default credentials, and enforce strong passwords. They should also keep serial-to-IP converters off the internet, restrict access to trusted workstations, and segment networks using VLANs or dedicated subnets.

    Monitoring is key: teams must detect exploitation attempts and unusual data flows that may indicate tampering. Vendors should adopt secure-by-design practices and a strong SDLC, keep software updated, and track all firmware components. They should harden binaries, test security regularly, and use robust encryption and signing methods.

    Furthermore, using modern Linux versions and notifying customers about exposed devices can further reduce risks and improve overall security. The experts conclude that "this research highlights weaknesses in serial-to-IP converters and the risks they can introduce in critical environments." As these devices are increasingly deployed to connect legacy serial equipment to IP networks, vendors and end-users should treat their security implications as a core operational requirement.
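
    The access-restriction and monitoring advice above can be checked against network flow records. The following is an added example, not code from Forescout or either vendor: the converter inventory, trusted workstation, site address range, ports, and flow lines are all constructed for illustration.

```python
import ipaddress

# Constructed inventory (assumptions for this example, not from the article).
CONVERTERS = {ipaddress.ip_address(a) for a in ("10.20.0.11", "10.20.0.12")}
TRUSTED = {ipaddress.ip_address("10.20.1.5")}      # engineering workstation
INTERNAL = [ipaddress.ip_network("10.0.0.0/8")]    # site address space

# Constructed flow records: time, source, destination, destination port.
SAMPLE_FLOWS = """\
2026-04-22T08:00:01 10.20.1.5 10.20.0.11 10001
2026-04-22T08:03:40 10.30.4.9 10.20.0.11 80
2026-04-22T08:05:12 203.0.113.7 10.20.0.12 10001
2026-04-22T08:09:55 10.20.0.12 10.30.4.9 445
"""

def is_internal(addr):
    """True when the address belongs to the site's own address space."""
    return any(addr in net for net in INTERNAL)

def audit(flow_text):
    """Return (time, finding, src, dst, port) for each flow that breaks policy."""
    findings = []
    for line in flow_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed records
        ts = parts[0]
        try:
            src = ipaddress.ip_address(parts[1])
            dst = ipaddress.ip_address(parts[2])
            port = int(parts[3])
        except ValueError:
            continue  # unparsable address or port
        if dst in CONVERTERS:
            if not is_internal(src):
                # Converter reachable from outside the site network.
                findings.append((ts, "internet_exposed", str(src), str(dst), port))
            elif src not in TRUSTED:
                # Internal host that is not an approved workstation.
                findings.append((ts, "untrusted_source", str(src), str(dst), port))
        elif src in CONVERTERS and dst not in TRUSTED:
            # A converter opening connections elsewhere is an unusual data flow.
            findings.append((ts, "converter_outbound", str(src), str(dst), port))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print(*finding)
```

    Each finding maps to one recommendation: `internet_exposed` to keeping converters off the internet, `untrusted_source` to restricting access to trusted workstations, and `converter_outbound` to watching for unusual data flows.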





  • Published: Wed Apr 22 09:06:22 2026 by llama3.2 3B Q4_K_M












