EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • Vulnerabilities uncovered in Bosch industrial impact wrenches

    Vulnerabilities uncovered in Bosch industrial impact wrenches

    Written by
    The Editorial Team
    01.12.24
    Industry and OT
    01
    MIN
    Vulnerabilities uncovered in Bosch industrial impact wrenches
    Vulnerabilities uncovered in Bosch industrial impact wrenches
    Vulnerabilities uncovered in Bosch industrial impact wrenches
    Image Study highlights glaring shortcomings in OT cybersecurity 
    Industry and OT
    03.16.24 Industry and OT
    Next article
    Study highlights glaring shortcomings in OT cybersecurity 
    Read
    02
    MIN
    Image Cloud computing: the manufacturing industry's cybersecurity Achilles' heel
    Industry and OT
    02.08.24 Industry and OT
    Next article
    Cloud computing: the manufacturing industry’s cybersecurity Achilles’ heel
    Read
    01
    MIN
    Image Strengthening of strategic partnership between Eviden and Microsoft
    Industry and OT
    01.30.24 Industry and OT
    Next article
    Strengthening of strategic partnership between Eviden and Microsoft
    Read
    01
    MIN
    Image A review of Stuxnet, history’s first act of cyber warfare
    Industry and OT
    01.16.24 Industry and OT
    Next article
    A review of Stuxnet, history’s first act of cyber warfare
    Read
    02
    MIN

    If exploited, vulnerabilities could paralyze vehicle assembly lines or render vehicles defective or dangerous.

    On January 9, 2024, the Nozomi Networks industrial cybersecurity firm announced it had discovered vulnerabilities in Bosch’s Rexroth industrial impact wrenches. The automotive industry uses the machines to tighten bolts that are critical to security. The impact wrenches have a Wi-Fi mode that allows remote operation and operational data transfers.

    Nozomi researchers identified 25 different flaws mainly affecting the proprietary NEXO-OS management software. Other vulnerabilities involve communication protocols for integration into SCADA, PLC and other systems. According to Nozomi, exploiting these vulnerabilities could allow an attacker to take full control of an impact wrench, which in turn could lead to two possible attack scenarios.

    The first would involve jamming as many machines as possible in the same factory to interrupt assembly lines, and demanding a ransom. The second would involve changing tightening program settings, weakening critical bolts. This would make the vehicles defective, even dangerous, with serious consequences for the manufacturer’s bottom line and reputation.

    Nozomi informed Bosch Rexroth of these flaws. A patch should be made available by the end of January 2024.

    The Editorial Team
    01.12.24
    Articles by the same author:
    1
    04.08.24 Cybercrime
    AT&T data theft: 73 million accounts compromised
    Read
    01
    MIN
    2
    04.08.24 Industry and OT
    Kaspersky notes slight decrease in attacks against ICS 
    Read
    02
    MIN
    3
    04.05.24 Digital Sovereignty
    DMA: European Commission to investigate Alphabet, Apple and Meta 
    Read
    02
    MIN
    4
    04.02.24 Digital Sovereignty
    Atos/Eviden: Airbus throws in the towel (again)
    Read
    02
    MIN
    Image Study highlights glaring shortcomings in OT cybersecurity 
    Industry and OT
    03.16.24 Industry and OT
    Next article
    Study highlights glaring shortcomings in OT cybersecurity 
    Read
    02
    MIN
    Image Cloud computing: the manufacturing industry's cybersecurity Achilles' heel
    Industry and OT
    02.08.24 Industry and OT
    Next article
    Cloud computing: the manufacturing industry’s cybersecurity Achilles’ heel
    Read
    01
    MIN
    Image Strengthening of strategic partnership between Eviden and Microsoft
    Industry and OT
    01.30.24 Industry and OT
    Next article
    Strengthening of strategic partnership between Eviden and Microsoft
    Read
    01
    MIN
    Image A review of Stuxnet, history’s first act of cyber warfare
    Industry and OT
    01.16.24 Industry and OT
    Next article
    A review of Stuxnet, history’s first act of cyber warfare
    Read
    02
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.