Sunday, April 14, 2024
HomeTechnologyHackers can infect network-connected wrenches to put in ransomware

Hackers can infect network-connected wrenches to put in ransomware

The Rexroth Nutrunner, a line of torque wrench sold by Bosch Rexroth.
Enlarge / The Rexroth Nutrunner, a line of torque wrench offered by Bosch Rexroth.

Bosch Rexroth

Researchers have unearthed almost two dozen vulnerabilities that would permit hackers to sabotage or disable a well-liked line of network-connected wrenches that factories around the globe use to assemble delicate devices and gadgets.

The vulnerabilities, reported Tuesday by researchers from safety agency Nozomi, reside within the Bosch Rexroth Handheld Nutrunner NXA015S-36V-B. The cordless gadget, which wirelessly connects to the native community of organizations that use it, permits engineers to tighten bolts and different mechanical fastenings to specific torque ranges which might be important for security and reliability. When fastenings are too unfastened, they danger inflicting the gadget to overheat and begin fires. When too tight, threads can fail and lead to torques which might be too unfastened. The Nutrunner offers a torque-level indicator show that’s backed by a certification from the Affiliation of German Engineers and adopted by the automotive trade in 1999. The NEXO-OS, the firmware operating on gadgets, may be managed utilizing a browser-based administration interface.

NEXO-OS's management web application.
Enlarge / NEXO-OS’s administration internet utility.


Nozomi researchers mentioned the gadget is riddled with 23 vulnerabilities that, in sure circumstances, may be exploited to put in malware. The malware may then be used to disable whole fleets of the gadgets or to trigger them to tighten fastenings too loosely or tightly whereas the show continues to point the important settings are nonetheless correctly in place. B

Bosch officers emailed a press release that included the same old platitudes about safety being a high precedence. It went on to say that Nozomi reached out just a few weeks in the past to disclose the vulnerabilities. “Bosch Rexroth instantly took up this recommendation and is engaged on a patch to unravel the issue,” the assertion mentioned. “This patch can be launched on the finish of January 2024.”

In a put up, Nozomi researchers wrote:

The vulnerabilities discovered on the Bosch Rexroth NXA015S-36V-B permit an unauthenticated attacker who is ready to ship community packets to the goal gadget to acquire distant execution of arbitrary code (RCE) with root privileges, utterly compromising it. As soon as this unauthorized entry is gained, quite a few assault eventualities turn into doable. Inside our lab setting, we efficiently reconstructed the next two eventualities:

  • Ransomware: we had been in a position to make the gadget utterly inoperable by stopping a neighborhood operator from controlling the drill by means of the onboard show and disabling the set off button. Moreover, we may alter the graphical consumer interface (GUI) to show an arbitrary message on the display screen, requesting the fee of a ransom. Given the benefit with which this assault may be automated throughout quite a few gadgets, an attacker may swiftly render all instruments on a manufacturing line inaccessible, doubtlessly inflicting vital disruptions to the ultimate asset proprietor.
A PoC ransomware running on the test nutrunner.
Enlarge / A PoC ransomware operating on the check nutrunner.


  • Manipulation of Management and View: we managed to stealthily alter the configuration of tightening packages, resembling by rising or reducing the goal torque worth. On the similar time, by patching in-memory the GUI on the onboard show, we may present a traditional worth to the operator, who would stay utterly unaware of the change.
A manipulation of view attack. The actual torque applied in this tightening was 0.15 Nm.

A manipulation of view assault. The precise torque utilized on this tightening was 0.15 Nm.

Supply hyperlink



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments