A new report from Forescout breaks down the security issues of devices widely used to connect legacy equipment to IP networks across utilities and manufacturing, and documents 22 newly discovered vulnerabilities affecting products from Lantronix and Silex.
Among the topline findings, Forescout identified tens of thousands of serial-to-IP converters exposed online across major vendors, expanding attacker reach and simplifying targeting. Armed with newly capable agentic AI tools, attackers could exploit these flaws faster, cheaper and more easily to manipulate readings and safety controls in industrial settings.
Additional findings include:
- The 22 newly disclosed vulnerabilities could enable remote code execution, device takeover, firmware tampering, denial of service, authentication bypass, and information disclosure.
- A compromised converter could be used as a pivot point for lateral movement or to manipulate data moving between operational systems and the networks that monitor and manage them.
- Researchers observed that public documentation and other open-source information can reveal vendor/model references, architectural details, and even photographs from real-world deployments, helping threat actors identify targets.
The full report is available here.
