Potential traffic light hack.
A critical vulnerability in traffic light controllers designed by SWARCO could have been exploited by hackers to disrupt traffic lights.
SWARCO is the world’s largest manufacturer of signal heads and the number two internationally for reflective glass beads.
Researchers at ProtectEM discovered that SWARCO’s CPU LS4000 traffic light controllers have an open port designed for debugging that could be exploited by attackers.
The flaw, tracked as CVE-2020-12493, is an “improper access control” issue that could allow hackers to grant root access to the device without access control via network.
“An open port used for debugging grants root access to the device without access control via network.” reads the security advisory published by the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
The flaw could be exploited by low-skilled attackers, it was rated with a CVSS score of 10 and affects all OS versions starting with G4 SWARCO of CPU LS4000.
“An open port used for debugging grants root access to the device without access control via network.” reads the advisory published by the CERT-VDE
“A malicious user could use this vulnerability to get access to the device and disturb operations with connected devices.”
ProtectEM researchers reported the vulnerability to the vendor in July 2019, which released a patch in April.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Germany’s VDE CERT recently published advisories for the vulnerability.
The good news is that this family of systems is not exposed online and attackers need physical access to the targeted network to exploit the flaw.
An attacker that could achieve physical access to vulnerable controllers in a city could cause disruption by deactivating traffic lights simultaneously.
The researchers demonstrated how an attacker could control traffic lights and manipulated them to cause traffic accidents or traffic jams.