“Attackers can persistently and remotely take control or simulate the malfunction of the attached machinery, through attacks like command injection, emergency-stop (e-stop) abuse, and malicious re-pairing.”
The vulnerabilities were found with several vendors, including Saga, Juuko, Telecrane, Hetronic, Circuit Design, Autec, and Elca.
Replay attack – The attacker records RF packets and replays them to obtain basic control of the machine.
Command injection – Knowing the RF protocol, the attacker can arbitrarily and selectively modify RF packets to completely control the machine.
E-stop abuse – The attacker can replay e-stop (emergency stop) commands indefinitely to cause a persistent denial-of-service (DoS) condition.
Malicious re-pairing – The attacker can clone a remote controller or its functionality to hijack a legitimate one.
Malicious reprogramming – The attacker “
“By exploiting various vulnerabilities that we discovered, we were able to move full-sized cranes deployed in production at construction sites, factories, and transportation businesses.”
These vulnerabilities could pose serious threats, such as sabotage and injury, and theft and extortion.
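
The replay, command injection and e-stop abuse classes listed above all rely on the receiver accepting a frame it has already seen or one that was altered in transit. The following is an added example, not code from the research or from any vendor: a receiver-side freshness and authenticity check. The frame layout, command codes and pre-shared key are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Hypothetical frame layout (an assumption, not any vendor's protocol):
#   device_id (4 bytes) | counter (4 bytes) | command (1 byte) | tag (8 bytes)
HEADER = struct.Struct(">IIB")
TAG_LEN = 8

CMD_UP, CMD_ESTOP = 0x01, 0xFF  # constructed command codes


def build_frame(key: bytes, device_id: int, counter: int, command: int) -> bytes:
    """Transmitter side: authenticate the header with a truncated HMAC-SHA256."""
    header = HEADER.pack(device_id, counter, command)
    tag = hmac.new(key, header, hashlib.sha256).digest()[:TAG_LEN]
    return header + tag


class Receiver:
    """Receiver side: accept a frame only if it is authentic and fresh."""

    def __init__(self, key: bytes, device_id: int):
        self.key = key
        self.device_id = device_id
        self.last_counter = -1  # highest counter accepted so far

    def accept(self, frame: bytes):
        """Return the command byte, or None if the frame is rejected."""
        if len(frame) != HEADER.size + TAG_LEN:
            return None
        header, tag = frame[:HEADER.size], frame[HEADER.size:]
        expected = hmac.new(self.key, header, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None  # altered or forged frame (command injection)
        device_id, counter, command = HEADER.unpack(header)
        if device_id != self.device_id:
            return None  # authentic, but from a transmitter not paired with us
        if counter <= self.last_counter:
            return None  # stale counter: a recorded frame being replayed
        self.last_counter = counter
        return command
```

The counter must survive power cycles on both sides, otherwise a reset receiver would again accept previously recorded frames.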