CA-FORESCOUT
6.12.2023 07:02:34 CET | Business Wire | Press release
Forescout, a global cybersecurity leader, today released “SIERRA:21 – Living on the Edge,” an analysis of 21 newly discovered vulnerabilities within OT/IoT routers and open-source software components. The report — produced by Forescout Research – Vedere Labs, a leading global team dedicated to uncovering vulnerabilities in critical infrastructure — emphasizes the continued risk to critical infrastructure and sheds light on possible mitigations.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20231205915662/en/
Sierra:21 Infographic (Source: Forescout)
“SIERRA:21 – Living on the Edge” features research into Sierra Wireless AirLink cellular routers and some of its open-source components, such as TinyXML and OpenNDS. Sierra Wireless routers are popular — an open database of Wi-Fi networks shows 245,000 networks worldwide running Sierra Wireless for a variety of applications. For example, Sierra Wireless routers are used for police vehicles connecting to a central network management system or to stream surveillance video, in manufacturing plants for industrial asset monitoring, in healthcare facilities providing temporary connectivity and to manage electric vehicle charging stations. The 21 new vulnerabilities have the potential to stop vital communications that could impact everyday life.
Read the blog: Forescout Vedere Labs discloses 21 new vulnerabilities affecting OT/IoT routers
Forescout Research further finds:
- The attack surface is expansive with 86,000 vulnerable routers still exposed online. Less than 10% of these routers are confirmed to be patched against known previous vulnerabilities found since 2019.
-
Regions with the highest number of exposed devices includes:
- 68,605 devices in The United States
- 5,580 devices in Canada
- 3,853 devices in Australia
- 2,329 devices in France
- 1,001 devices in Thailand
- Among the 21 vulnerabilities, one has critical severity (CVSS score 9.6), nine have high severity and 11 have medium severity. These vulnerabilities allow attackers to steal credentials, take control of a router by injecting malicious code, persist on the device and use it as an initial access point into critical networks.
- Patching can’t fix everything. 90 percent of devices exposing a specific management interface have reached end of life, meaning they cannot be further patched.
- It’s an uphill battle to secure supply chain components. Open-source software elements continue to go unchecked and increase the attack surface of critical devices, leading to vulnerabilities that may be hard for organizations to track and mitigate.
“We are raising the alarm today because there remain thousands of OT/IoT devices representing an increased attack surface that requires attention,” advises Elisa Constante, VP of Research, Forescout Research – Vedere Labs. “Vulnerabilities impacting critical infrastructure are like an open window for bad actors in every community. State-sponsored actors are developing custom malware to use routers for persistence and espionage. Cybercriminals are also leveraging routers and related infrastructure for residential proxies and to recruit into botnets. Our discoveries reaffirm the need for heightened awareness of the OT/IoT edge devices that are so often neglected.”
Sierra Wireless and OpenDNS have issued patches for the identified vulnerabilities. TinyXML is an abandoned open source project, so the upstream vulnerabilities will not be fixed and must be addressed downstream.
For more information, download the full report, “SIERRA:21 – Living on the Edge,” now at https://www.forescout.com/resources/sierra21-vulnerabilities.
Additional Resources:
- View the on-demand webinar: https://www.brighttalk.com/central/account/616385/channel/13809/video/602171
- Read more insight from Forescout Research: Hacktivists attack U.S. water treatment plant – analysis and implications
About Forescout
Forescout Technologies, Inc., a global cybersecurity leader, continuously identifies, protects and helps ensure the compliance of all managed and unmanaged connected cyber assets – IT, IoT, IoMT and OT. For more than 20 years, Fortune 100 organizations and government agencies have trusted Forescout to provide vendor-agnostic, automated cybersecurity at scale. The Forescout® Platform delivers comprehensive capabilities for network security, risk and exposure management, and extended detection and response. With seamless context sharing and workflow orchestration via ecosystem partners, it enables customers to more effectively manage cyber risk and mitigate threats.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20231205915662/en/
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
FIFA World Cup™ Fans Embrace Referee View as Lenovo AI Brings Viewers Closer to the Pitch9.7.2026 06:00:00 CEST | Press release
91% of fans say the new broadcast technology has made the FIFA World Cup 2026™ viewing experience more dynamic New international research from Lenovo reveals that technological advancements are fundamentally changing how fans experience the FIFA World Cup 2026™, making viewers feel closer to the action than ever before. According to a survey of football fans across Australia, Canada, India, U.K., U.S., 87% say technology is improving their viewing experience, and 84% report the close-to-action camera perspectives help them feel like they're right there on the pitch. Accelerating this unprecedented view of the game is Referee View, powered by Lenovo AI that gives viewers a first-person look at the match from the referee’s point of view. The research further found: Over three-quarters (76%) of FIFA World Cup™ viewers have seen or heard about Referee View, and 91% say the close-to-action perspective is appealing. 88% say that smooth, stable footage is an important part of viewing sports f
Empire State Building Observation Deck Launches Exclusive Soccer Jersey Ticket Offer for Sports Fans in July9.7.2026 00:37:00 CEST | Press release
Guests can receive 15% off tickets purchased online when they wear their soccer team jersey at the ‘World’s Most Famous Building’ The Empire State Building Observation Deck (ESBOD) today announced a new, exclusive ticket offer for soccer fans who don their favorite team’s duds at the “World’s Most Famous Building” in anticipation of the tournament final. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260708711923/en/ Empire State Building Observation Deck Launches Exclusive Soccer Jersey Ticket Offer for Sports Fans in July Guests who plan to wear their soccer jersey to the Empire State Building Observation Deck can purchase tickets online for 15 percent off to enjoy the immersive museum experience and New York City’s best views from the 86th and 102nd Floor Observation Decks. The limited-time offer is available only to guests who wear their soccer jersey on the day of their visit from now through July 31. “Whether they rep
New Esri Press Book Shows That GIS Can Transform the Entire Campus, Starting at the Classroom8.7.2026 23:33:00 CEST | Press release
The Spatial Edge Reveals How Spatial Thinking Drives Innovation, Efficiency, and Collaboration Across Higher Education Esri releases The Spatial Edge, a new book demonstrating how GIS technology unifies academic and operational functions across higher education institutions. The book highlights how universities use spatial thinking to enhance teaching, advance interdisciplinary research, and improve campus planning and operations across departments. Through real-world case studies, The Spatial Edge shows how GIS strengthens decision-making, connects disciplines, and supports institutions in solving complex campus and community challenges. Designed for administrators and educators, the guide emphasizes workforce readiness by equipping graduates with in-demand geospatial skills across diverse industries. Esri has released The Spatial Edge: The Strategic Advantage of GIS Skills Across Higher Education, a practical and accessible guide that demonstrates how geographic information system (G
Jefferies Financial Group Inc. Announces Pricing of €850,000,0004.500% Senior Notes Due 20338.7.2026 22:16:00 CEST | Press release
Jefferies Financial Group Inc. (NYSE: JEF) (“JFG”, “we” or “our”) today announced the pricing of its public offering of €850,000,000 aggregate principal amount of 4.500% Senior Notes due 2033 (the “Notes”) with an effective yield of 4.544%, maturing, July 15, 2033. The offering is expected to settle on July 15, 2026, subject to the satisfaction of customary closing conditions. Application is expected to be made for the Notes to be admitted to the Official List of the Irish Stock Exchange plc, trading as Euronext Dublin, and admitted to trading on the Global Exchange Market of Euronext Dublin; any listing is subject to approval by Euronext Dublin. JFG intends to use the net proceeds of the offering for general corporate purposes. Jefferies International Limited served as sole global co-ordinator and joint active book-runner for the offering of the Notes, Banco Santander, S.A., Citigroup Global Markets Limited, Natixis, SMBC Bank International plc and Société Générale served as joint act
KiddeFenwal Launches New Website and Information Hub8.7.2026 18:00:00 CEST | Press release
Enhanced digital platform reflects KiddeFenwal’s legacy, stature and growth trajectory in the fire suppression and safety controls industry KiddeFenwal, the global leader in the fire suppression and safety controls industry, today unveiled a revitalized website, designed to serve as a comprehensive information hub for fire industry practitioners and customers alike. The modernized platform includes features created specifically with the company’s global partners, OEMs and distributors in mind, including: Accelerated asset navigation, pointing users to critical safety documentation, design parameters and product specifications; Seamless solution mapping, helping users quickly locate fire suppression configurations by industry, from data centers to BESS applications to commercial kitchens; and Enhanced resource access, including streamlined pathways to connect with the company’s elite distributor network across 120 countries. It also provides information about the company’s three brands,
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom
