CA-FORESCOUT
6.12.2023 07:02:34 CET | Business Wire | Press release
Forescout, a global cybersecurity leader, today released “SIERRA:21 – Living on the Edge,” an analysis of 21 newly discovered vulnerabilities within OT/IoT routers and open-source software components. The report — produced by Forescout Research – Vedere Labs, a leading global team dedicated to uncovering vulnerabilities in critical infrastructure — emphasizes the continued risk to critical infrastructure and sheds light on possible mitigations.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20231205915662/en/
Sierra:21 Infographic (Source: Forescout)
“SIERRA:21 – Living on the Edge” features research into Sierra Wireless AirLink cellular routers and some of its open-source components, such as TinyXML and OpenNDS. Sierra Wireless routers are popular — an open database of Wi-Fi networks shows 245,000 networks worldwide running Sierra Wireless for a variety of applications. For example, Sierra Wireless routers are used for police vehicles connecting to a central network management system or to stream surveillance video, in manufacturing plants for industrial asset monitoring, in healthcare facilities providing temporary connectivity and to manage electric vehicle charging stations. The 21 new vulnerabilities have the potential to stop vital communications that could impact everyday life.
Read the blog: Forescout Vedere Labs discloses 21 new vulnerabilities affecting OT/IoT routers
Forescout Research further finds:
- The attack surface is expansive with 86,000 vulnerable routers still exposed online. Less than 10% of these routers are confirmed to be patched against known previous vulnerabilities found since 2019.
-
Regions with the highest number of exposed devices includes:
- 68,605 devices in The United States
- 5,580 devices in Canada
- 3,853 devices in Australia
- 2,329 devices in France
- 1,001 devices in Thailand
- Among the 21 vulnerabilities, one has critical severity (CVSS score 9.6), nine have high severity and 11 have medium severity. These vulnerabilities allow attackers to steal credentials, take control of a router by injecting malicious code, persist on the device and use it as an initial access point into critical networks.
- Patching can’t fix everything. 90 percent of devices exposing a specific management interface have reached end of life, meaning they cannot be further patched.
- It’s an uphill battle to secure supply chain components. Open-source software elements continue to go unchecked and increase the attack surface of critical devices, leading to vulnerabilities that may be hard for organizations to track and mitigate.
“We are raising the alarm today because there remain thousands of OT/IoT devices representing an increased attack surface that requires attention,” advises Elisa Constante, VP of Research, Forescout Research – Vedere Labs. “Vulnerabilities impacting critical infrastructure are like an open window for bad actors in every community. State-sponsored actors are developing custom malware to use routers for persistence and espionage. Cybercriminals are also leveraging routers and related infrastructure for residential proxies and to recruit into botnets. Our discoveries reaffirm the need for heightened awareness of the OT/IoT edge devices that are so often neglected.”
Sierra Wireless and OpenDNS have issued patches for the identified vulnerabilities. TinyXML is an abandoned open source project, so the upstream vulnerabilities will not be fixed and must be addressed downstream.
For more information, download the full report, “SIERRA:21 – Living on the Edge,” now at https://www.forescout.com/resources/sierra21-vulnerabilities.
Additional Resources:
- View the on-demand webinar: https://www.brighttalk.com/central/account/616385/channel/13809/video/602171
- Read more insight from Forescout Research: Hacktivists attack U.S. water treatment plant – analysis and implications
About Forescout
Forescout Technologies, Inc., a global cybersecurity leader, continuously identifies, protects and helps ensure the compliance of all managed and unmanaged connected cyber assets – IT, IoT, IoMT and OT. For more than 20 years, Fortune 100 organizations and government agencies have trusted Forescout to provide vendor-agnostic, automated cybersecurity at scale. The Forescout® Platform delivers comprehensive capabilities for network security, risk and exposure management, and extended detection and response. With seamless context sharing and workflow orchestration via ecosystem partners, it enables customers to more effectively manage cyber risk and mitigate threats.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20231205915662/en/
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
The Rock-It Company Expands to Abu Dhabi, Strengthening the Capital’s Position as a Global Hub for Luxury, Culture, and Major Events11.7.2026 18:12:00 CEST | Press release
The Rock-It Company (Rock-It), one of the world’s leading providers of specialist logistics for time-critical and high-value sectors across live events and luxury goods, has expanded its footprint in the UAE to Abu Dhabi, in partnership with the Abu Dhabi Investment Office (ADIO). The expansion in the region brings Rock-It’s portfolio of renowned brands to the UAE capital to support Abu Dhabi’s vision of becoming a world-leading destination for luxury experiences, cultural attractions, and global events, while reinforcing the emirate’s position as a regional re-export hub and advanced logistics base. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260710305177/en/ Through the collaboration, Rock-It seeks to develop world-class bonded storage and logistics facilities designed to serve the group’s five core end markets: sports, live entertainment, fine art, film & television, and luxury automotive. Once complete, Rock-It’s faci
L&T Technology Services Global EI Hackathon Sparks the Next Wave of AI-Native Engineering Solutions11.7.2026 13:35:00 CEST | Press release
Nearly 4,000 participants across 770+ teams from nine global locations became a part of the 24-hour innovation challenge L&T Technology Services (BSE: 540115, NSE: LTTS), a global leader in Engineering Intelligence Solutions & ER&D Consulting Services successfully concluded Engineering Intelligence (EI) OpenHack 2026, a first-of-its-kind global innovation challenge conducted simultaneously across nine locations spanning India, the U.S. and Europe. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260711573331/en/ LTTS Global EI OpenHack at the Munich office The hackathon brought together nearly 4,000 engineers (770+ teams) from Bengaluru, Mysuru, Chennai, Hyderabad, Pune, Vadodara, Mumbai, Dallas and Munich to tackle complex engineering challenges through AI-led innovation. More than 500 challenge statements were aligned with company’s strategic growth priorities, spanning Software Defined Mobility, Plant Buildout & Modernizati
Samos Energy Acquisition Corporation Announces Pricing of Initial Public Offering10.7.2026 15:32:00 CEST | Press release
Samos Energy Acquisition Corporation (the “Company”) announced today the pricing of its initial public offering (“IPO”) of 20,000,000 units at a price of $10.00 per unit. The units will be listed on the New York Stock Exchange (the “NYSE”) and trade under the ticker symbol “SAMO.U” beginning on July 10, 2026. Each unit consists of one Class A ordinary share and one-half of one redeemable warrant, with each whole warrant entitling the holder thereof to purchase one of the Company’s Class A ordinary shares at an exercise price of $11.50 per share. Once the securities comprising the units begin separate trading, the Class A ordinary shares and warrants are expected to be listed on the NYSE under the symbols “SAMO” and “SAMO.WS,” respectively. Cantor Fitzgerald & Co. is acting as the sole book running manager for the proposed offering. The Company has granted the underwriter a 45-day option to purchase up to an additional 3,000,000 units at the IPO price. The public offering is being made
Onera hPSG® Wins Prestigious Red Dot Product Design Award10.7.2026 15:00:00 CEST | Press release
Onera Health's patch-based home polysomnography solution, Onera hPSG®, was awarded the renowned ‘Red Dot Award: Product Design 2026’ in recognition of the sensors’ innovative design, advanced functionality, and user-centric engineering. Onera Health, a leader in transforming sleep medicine, announces that its innovative product, Onera hPSG®, has been honoured with the prestigious Red Dot Product Design Award for 2026. This international recognition celebrates exceptional design quality and underscores Onera Health's commitment to excellence, creativity, and patient-centric innovation. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260710266668/en/ Onera Health's patch-based home polysomnography solution, Onera hPSG®, wins Prestigious Red Dot Product Design Award 2026. The Red Dot Award, one of the most sought-after seals of quality for good design, attracted thousands of entries from around the globe. Onera hPSG® stood out f
teamLab Biovortex Kyoto Welcomes Over 1 Million Visitors within 9 Months of Opening10.7.2026 09:00:00 CEST | Press release
teamLab Biovortex Kyoto has welcomed over 1 million visitors as of July 6, 2026, 9 months after its grand opening. (*1) These visitors arrived from more than 150 countries and regions. International visitors account for approximately 42% of the total. Many of these international visitors travel from distant countries and regions, including the United States, Australia, Canada, the United Kingdom, and Germany. Approximately 30% of these international visitors purchase their tickets at least 30 days in advance. teamLab Biovortex Kyoto is teamLab's largest museum in Japan, with an average visitor stay of over two and a half hours. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260709913938/en/ teamLab Biovortex Kyoto Welcomes Over 1 Million Visitors within 9 Months of Opening *1 According to ticket purchase data from the official teamLab Biovortex Kyoto website (survey period: October 7, 2025 – July 6, 2026) Visitors Comment (M
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom
