Critical flaws in SWARCO traffic light controllers allow hackers to disrupt them
The traffic technology group SWARCO, headquartered in Wattens near Innsbruck, Austria, has an international network of production facilities, offices, and partners on all continents and offers one of the most complete solution portfolios for road marking, signage, urban traffic management, parking, highway and tunnel management, public transport, and street lighting. Its products have been deployed in over 70 countries around the world.
Researchers from ProtectEM said SWARCO’s CPU LS4000 traffic light controllers are vulnerable to attacks due to an open port designed for debugging. The flaw, tracked as CVE-2020-12493 with a CVSS score of 10, was reported to the vendor in July 2019, and SWARCO provided a patch to customers in April. The researcher said the vulnerability was discovered during a security audit conducted for a city in Germany to analyze networked traffic systems.
The affected SWARCO controller runs on BlackBerry’s QNX real-time operating system. According to the researcher, the system had a debug port open, which granted root access over the network without a password, allowing an attacker to remotely shut down or manipulate impacted controllers.
“In the unpatched system, an attacker gets unlimited root access to any traffic light controller without requiring any credentials through a well-documented and known feature of the underlying operating system. The access is meant for debugging, so it is not a bug or software defect that can be exploited. Rather, the system was deployed in a configuration not meant for a production system with no security in place for this access port. As documented for the operating system, for a production system this debug option needs to be turned off,” the researcher explained.
According to the researcher, an attacker who reaches the debug port and exploits the vulnerability can turn the lights off and on, which could cause major issues in the city. The researcher informed SWARCO about the vulnerability and suggested turning off the debug option, since that is what gives an attacker root access to the controller. The company has fixed the vulnerability and updated the OS of the affected controllers.