Skip to main content

Temperature Control System Vulnerability

Security researchers have identified several vulnerable temperature control systems manufactured by the remote monitoring company, Resource Data Management. These systems are found in refrigerators used by hospitals and supermarkets.

Threat ID:
CC-2925
Category:
Threat Severity:
Low
Threat Vector:
Published:
12 February 2019 12:00 AM
Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Security researchers have identified several vulnerable temperature control systems manufactured by the remote monitoring company, Resource Data Management. These systems are found in refrigerators used by hospitals and supermarkets.

Threat details

The majority of machines identified are configured with default credentials and some did not require any credentials to gain access. A remote attacker can exploit this vulnerability by locating an internet-connected device and entering the default credentials to gain full access to the system controls. This would allow an attacker to alter the machine temperature, set alarms and switch the machine off or on.

Remediation steps

Type Step

Users and administrators are encouraged to contact their relevant suppliers and ensure that their systems are securely configured and not using default credentials.

Last edited: 14 February 2020 2:51 pm