Industrial Wi-Fi kit has hard-coded credentials
Can't patch because there isn't one
The travelling side-show of industrial control kit insecurity continues, with an outfit called Red Lion being called out for hard-coded credentials on a wireless access point.
ICS-CERT has issued an advisory noting that the company's N-Tron 702.-W industrial wireless access point has hard-coded private keys for SSH and HTTPS connections.
Naturally enough, since you can copy the credentials from the device, and since all devices have the same credentials, attacking the kit is a snap.
To make the discovery, by Neil Smith of ZeroFox, even more entertaining, “ICS-CERT is unaware of any fix, patch, or update by N-Tron that mitigates this vulnerability”.
The advisory also notes: “N-Tron is aware of the reported vulnerability, and ICS CERT has not been able to successfully coordinate this issue with N-Tron or its parent company Red Lion because of the vendor’s unresponsiveness.”
Since you can't patch the devices, the only options are to make sure the APs aren't accessible from the Internet, and are isolated from the business network.
Or, perhaps, unplugged, replaced, and dropped in the skip. ®