Presented at
DEF CON 32 (2024),
Aug. 11, 2024, 10 a.m.
(20 minutes).
Industrial VPN gateways play a crucial role in operational technology by enabling secure remote access to systems within industrial networks. However, their importance goes hand in hand with increased security risks, as their architecture makes them lucrative targets for threat actors. Over the years, we have seen such devices being used in various industrial environments, which underlines their widespread use in critical infrastructures.
This talk is about a security analysis of a widely used industrial remote access solution. We will dive deep into and expose various vulnerabilities. This includes rooting the device, bypassing hardware-based security mechanisms such as the use of a hardware security module, and reverse engineering software and firmware. Ultimately, we will show how various identified vulnerabilities allowed us to hijack remote access sessions, creating significant security risks.
Presenters:
-
Moritz Abrell
- Senior IT Security Consultant and Penetration Tester at SySS GmbH
Moritz Abrell is an experienced IT security expert who has been passionate about the field since his early days.
As a Senior IT Security Consultant and Penetration Tester for the Germany-based pentest company SySS GmbH, he specializes in the practical exploitation of vulnerabilities and advises clients on how to remediate them.
In addition, he regularly conducts security research and has a keen interest in delving deep into soft-, hard- and firmware. His research has been presented at various national and international IT security conferences such as DEFCON, BlackHat USA, HackCon, NoHat, Hacktivity, etc.
Similar Presentations: