this post was submitted on 11 Jan 2024
20 points (91.7% liked)

Weird News - Things that make you go 'hmmm'

886 readers
97 users here now

Rules:

  1. News must be from a reliable source. No tabloids or sensationalism, please.

  2. Try to keep it safe for work. Contact a moderator before posting if you have any doubts.

  3. Titles of articles must remain unchanged; however extraneous information like "Watch:" or "Look:" can be removed. Titles with trailing, non-relevant information can also be edited so long as the headline's intent remains intact.

  4. Be nice. If you've got nothing positive to say, don't say it.

Violators will be banned at mod's discretion.

Communities We Like:

-Not the Onion

-And finally...

founded 1 year ago
MODERATORS
 

Do we really need to network-connect everything? (sent via fediverse)

cross-posted from: https://lemmy.smeargle.fans/post/106476

HN Discussion

all 3 comments
sorted by: hot top controversial new old
[–] autotldr@lemmings.world 2 points 10 months ago

This is the best summary I could come up with:


Researchers have unearthed nearly two dozen vulnerabilities that could allow hackers to sabotage or disable a popular line of network-connected wrenches that factories around the world use to assemble sensitive instruments and devices.

The vulnerabilities, reported Tuesday by researchers from security firm Nozomi, reside in the Bosch Rexroth Handheld Nutrunner NXA015S-36V-B.

The cordless device, which wirelessly connects to the local network of organizations that use it, allows engineers to tighten bolts and other mechanical fastenings to precise torque levels that are critical for safety and reliability.

The Nutrunner provides a torque-level indicator display that’s backed by a certification from the Association of German Engineers and adopted by the automotive industry in 1999.

The malware could then be used to disable entire fleets of the devices or to cause them to tighten fastenings too loosely or tightly while the display continues to indicate the critical settings are still properly in place.

The vulnerabilities found on the Bosch Rexroth NXA015S-36V-B allow an unauthenticated attacker who is able to send network packets to the target device to obtain remote execution of arbitrary code (RCE) with root privileges, completely compromising it.


The original article contains 344 words, the summary contains 187 words. Saved 46%. I'm a bot and I'm open source!

[–] cashsky@lemmy.world 2 points 10 months ago

It's called Nutrunner. LMFAO