Network-connected wrenches used globally are now at risk of exposure to ransomware hackers, who can manipulate their functionalities and gain unauthorized access to the connected networks, according to experts.
Research conducted by Nozomi reveals that the Bosch Rexroth Handheld Nutrunner, a network-connected wrench, displays vulnerabilities that could potentially allow hackers to disrupt entire networks or manipulate operations in production facilities, leading to work sabotage.
Bosch network wrenches, widely utilized in manufacturing and service stations worldwide, pose a significant risk, as any flaw in these tools could jeopardize entire facilities, potentially even causing fires.
The Nozomi report affirms that these Bosch devices, operating on NeXo-OS, can be manipulated through a web-based online management interface using a Wi-Fi module, making them susceptible to the spread of malware such as ransomware.
The research findings were brought to the attention of the German manufacturing and engineering tech company, Bosch, which has acknowledged the situation and is actively working on developing a solution.
A detailed explanation of these vulnerabilities in network-connected wrenches was provided in a paper released by Dan Goodin of Ars Technica. It emphasizes that similar vulnerabilities exist in wrenches from other companies like Cisco, Datto, HPE, and Juniper Networks, potentially serving as avenues for the spread of ransomware if their vulnerabilities are left unaddressed.
