Security researchers have recently detected a severe security flaw in a traffic light controller that allows attackers to control traffic lights remotely.
SWARCO is the world’s largest manufacturer of signal heads, and it mainly works in traffic control, traffic protection, road labeling, and other solutions, mostly deployed in smart cities.
The vulnerability is tracked as CVE-2020-12493 with a CVSS score of 10. It is an “inappropriate access control” problem that allows attackers to gain root access to the device remotely and control it over the network.
According to Peter Frohlich, managing director at ProtectEM, the threat was identified during a security audit conducted for a city in Germany that had asked his company to investigate its networked traffic systems.
The security researchers found the vulnerability in SWARCO’s CPU LS4000 traffic light controllers, which expose an open port that is specifically designed for debugging.
The affected SWARCO controller runs BlackBerry’s QNX real-time operating system and is designed to manage the traffic lights at a single crossing.
More importantly, the open debugging port could be exploited by attackers to gain root access over the network and to lock down or manipulate the affected controllers remotely.
The ProtectEM researchers stated that the threat was reported to the vendor in July 2019, but SWARCO issued a patch to fix this security hole in April 2020. In addition, Germany’s CERT VDE and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued advisories for this vulnerability.
According to Germany’s CERT VDE, this critical vulnerability affects one of the company’s most widely used traffic light controllers:
- CPU LS4000: All OS versions starting with G4
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recommends that users take preventive measures to reduce the risk of this vulnerability being exploited, and has provided the following guidelines:
- Reduce the network exposure of all control system devices, and ensure they are not accessible from the internet.
- Place control system networks and remote devices behind firewalls, and isolate them from the business network.
- Always use VPNs (Virtual Private Networks) if remote access is required.
- Perform a precise impact analysis and risk assessment before deploying any security measures.
The security experts explained that by exploiting this security flaw, an attacker could manipulate traffic lights to cause traffic accidents and traffic jams. The security researchers have also explained that smart city systems have frequently been exposed to these types of attacks in the past. In short, to mitigate these types of security flaws, patching is the only solution.