CA-FORESCOUT
6.12.2023 07:02:34 CET | Business Wire | Press release
Forescout, a global cybersecurity leader, today released “SIERRA:21 – Living on the Edge,” an analysis of 21 newly discovered vulnerabilities within OT/IoT routers and open-source software components. The report — produced by Forescout Research – Vedere Labs, a leading global team dedicated to uncovering vulnerabilities in critical infrastructure — emphasizes the continued risk to critical infrastructure and sheds light on possible mitigations.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20231205915662/en/
Sierra:21 Infographic (Source: Forescout)
“SIERRA:21 – Living on the Edge” features research into Sierra Wireless AirLink cellular routers and some of its open-source components, such as TinyXML and OpenNDS. Sierra Wireless routers are popular — an open database of Wi-Fi networks shows 245,000 networks worldwide running Sierra Wireless for a variety of applications. For example, Sierra Wireless routers are used for police vehicles connecting to a central network management system or to stream surveillance video, in manufacturing plants for industrial asset monitoring, in healthcare facilities providing temporary connectivity and to manage electric vehicle charging stations. The 21 new vulnerabilities have the potential to stop vital communications that could impact everyday life.
Read the blog: Forescout Vedere Labs discloses 21 new vulnerabilities affecting OT/IoT routers
Forescout Research further finds:
- The attack surface is expansive with 86,000 vulnerable routers still exposed online. Less than 10% of these routers are confirmed to be patched against known previous vulnerabilities found since 2019.
-
Regions with the highest number of exposed devices includes:
- 68,605 devices in The United States
- 5,580 devices in Canada
- 3,853 devices in Australia
- 2,329 devices in France
- 1,001 devices in Thailand
- Among the 21 vulnerabilities, one has critical severity (CVSS score 9.6), nine have high severity and 11 have medium severity. These vulnerabilities allow attackers to steal credentials, take control of a router by injecting malicious code, persist on the device and use it as an initial access point into critical networks.
- Patching can’t fix everything. 90 percent of devices exposing a specific management interface have reached end of life, meaning they cannot be further patched.
- It’s an uphill battle to secure supply chain components. Open-source software elements continue to go unchecked and increase the attack surface of critical devices, leading to vulnerabilities that may be hard for organizations to track and mitigate.
“We are raising the alarm today because there remain thousands of OT/IoT devices representing an increased attack surface that requires attention,” advises Elisa Constante, VP of Research, Forescout Research – Vedere Labs. “Vulnerabilities impacting critical infrastructure are like an open window for bad actors in every community. State-sponsored actors are developing custom malware to use routers for persistence and espionage. Cybercriminals are also leveraging routers and related infrastructure for residential proxies and to recruit into botnets. Our discoveries reaffirm the need for heightened awareness of the OT/IoT edge devices that are so often neglected.”
Sierra Wireless and OpenDNS have issued patches for the identified vulnerabilities. TinyXML is an abandoned open source project, so the upstream vulnerabilities will not be fixed and must be addressed downstream.
For more information, download the full report, “SIERRA:21 – Living on the Edge,” now at https://www.forescout.com/resources/sierra21-vulnerabilities.
Additional Resources:
- View the on-demand webinar: https://www.brighttalk.com/central/account/616385/channel/13809/video/602171
- Read more insight from Forescout Research: Hacktivists attack U.S. water treatment plant – analysis and implications
About Forescout
Forescout Technologies, Inc., a global cybersecurity leader, continuously identifies, protects and helps ensure the compliance of all managed and unmanaged connected cyber assets – IT, IoT, IoMT and OT. For more than 20 years, Fortune 100 organizations and government agencies have trusted Forescout to provide vendor-agnostic, automated cybersecurity at scale. The Forescout® Platform delivers comprehensive capabilities for network security, risk and exposure management, and extended detection and response. With seamless context sharing and workflow orchestration via ecosystem partners, it enables customers to more effectively manage cyber risk and mitigate threats.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20231205915662/en/
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Aqemia and Sanofi Expand Their Research Collaboration17.7.2026 12:30:00 CEST | Press release
A new target nomination and a milestone payment mark the next step of the multi-year partnership first announced in December 2023 Aqemia, the drug invention company combining generative AI and quantum-inspired physics to invent small molecule drugs, today announced the expansion of its multi-year research collaboration with the global pharmaceutical company, Sanofi. The expansion is marked by the nomination of a new therapeutic target and an additional payment. The collaboration, first announced in December 2023, makes Aqemia eligible to receive up to a total of $140 million in upfront and milestone payments across programs. It spans the drug discovery journey from the identification of the very first hits to the selection of a development candidate. Aqemia leverages Qemi, its proprietary physics-based generative AI platform, to design novel molecules addressing Sanofi’s targets of choice, working in close collaboration with Sanofi scientific teams. Sanofi leads wet lab research, devel
China's ~$900B Live-Commerce Market Now Approaches US E-Commerce Scale17.7.2026 12:30:00 CEST | Press release
The consumer habits reshaping global retail were built in the East — and most Western shoppers haven't yet adopted them. NIQ report shows that brands still treating live, social, and quick commerce as "emerging" risk being left behind. The center of gravity in global retail has shifted East. The formats now driving the fastest growth in global retail (live shopping, social commerce, and delivery in minutes) were pioneered and scaled in Asia, and most Western consumers have yet to adopt them. According to NIQ (NYSE: NIQ), a leading consumer intelligence company, in its global report The Commerce Revolution: Where East Meets West, the gap between East and West is still vast. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260717253489/en/ China´s USD 900bn live shopping boom now approaches the scale of the US E-commerce The scale is already substantial. China's live-commerce market alone was worth roughly $900 billion in 2025,
Ant International’s Alipay+ Connects Argentina's National QR Payment Scheme via PVS,Enabling for Cross-Border Digital Payment Nationwide at Millions of Merchants17.7.2026 12:17:00 CEST | Press release
Alipay+, a global digital payment gateway under Ant International, today announced that it will enable global travellers to make QR code payments at millions of merchants across Argentina through integration with the country's national QR payment scheme Transferencias 3.0, in partnership with PVS, a fintech company specialized in developing customized payment solutions in Latin America. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260717276406/en/ By connecting to Argentina's national QR payment scheme, Alipay+ now enables global travellers in the country to make convenient QR code payments at merchants nationwide. This service helps to enhance global travellers' travel experiences in Argentina, allowing them to pay seamlessly at restaurants, malls and tourist attractions. Using an Alipay+ partner payment app, they can now scan the national QR code displayed at all merchants to make cross-border payments across Argentina,
KATE Launches "KABUKE: Break Convention" Kabuki-Inspired International Campaign17.7.2026 09:00:00 CEST | Press release
Where “NO MORE RULES.” intersects with the Kabuku spirit. Inspired by Japanese aesthetics, KATE shares the value of shadow enhancing makeup and self‑expression with the world. Global cosmetics brand KATE launched “KABUKE: Break Convention,” a new international campaign drawing on elements of Kabuki, the traditional Japanese performing art. The campaign debuted on Wednesday, July 8, 2026. In this campaign, KATE’s shadow enhancing makeup—rooted in Japanese aesthetics—was paired with the Kabuki spirit inherited from traditional Kabuki theater to communicate the value of individuality and self‑expression through makeup on a global scale. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260708829427/en/ KATE international campaign “KABUKE: Break Convention” key visual. Dedicated website: https://www.kate-global.net/my/special/kate_kabuki/ Since its founding, KATE has championed the slogan “NO MORE RULES.,” offering makeup that defi
Meiji Seika Pharma: Results from the Global Phase III Trial (Integral-2) of Nacubactam, a Novel β-Lactamase Inhibitor, Highlighted in The Lancet Microbe’s Coverage of ESCMID Global Congress 202617.7.2026 03:00:00 CEST | Press release
Meiji Seika Pharma Co., Ltd. (Headquarters: Tokyo, President and Representative Director: Toshiaki Nagasato) today announced that results from the global Phase III trial (Integral-2) of nacubactam (Development Code: OP0595), a novel β-lactamase inhibitor, were highlighted in The Lancet Microbe’s coverage of ESCMID Global Congress 2026 (held in Munich, Germany). As highlighted in The Lancet Microbe’s coverage, the key findings presented by Meiji Seika Pharma at ESCMID Global Congress 2026 are as follows: The Integral-2 study (jRCT2031230076) is a global Phase III clinical trial that enrolled patients with complicated urinary tract infections, acute uncomplicated pyelonephritis, hospital-acquired bacterial pneumonia, ventilator-associated bacterial pneumonia, or complicated intra-abdominal infections caused by carbapenem-resistant Gram-negative bacteria (excluding Acinetobacter species). The study has achieved the prespecified study objectives. For the primary endpoint of overall treatme
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom
