Advantech Spectre RT Industrial Routers Security Update

Threat ID:: CC-3767
Threat Severity:: Information only
Threat Vector:: Vulnerability
Published:: 25 February 2021 11:03 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Affected platforms

The following platforms are known to be affected:

Advantech Spectre RT ERT351 Industrial Routers firmware Versions: all prior to 6.2.7

Threat details

Introduction

Advantech have released a security update to address vulnerabilities in their Spectre RT industrial routers which could allow an attacker to use a reflective XSS attack, intercept credentials, gain full access to the web application, discover passwords and exploit known vulnerabilities in OpenSSL.

Remediation advice

Organisations are encouraged to review Advantech’s security advisory and apply the necessary update.

Last edited: 26 February 2021 12:12 pm