Critical vulnerabilities have been discovered in the widely used Bosch Rexroth NXA015S-36V-B smart nutrunner, a key component in automotive production lines. If exploited, these vulnerabilities could lead to severe consequences such as ransomware implantation, causing production stoppages and substantial financial losses. Threat actors could also compromise the safety of assembled products by manipulating tightening programs or causing damage that goes undetected.
Of particular concern is the safety-critical certification of the NXA015S-36V-B, because an attacker could compromise product safety through insufficient or excessive tightening. In safety-critical applications, precise torque levels are essential to prevent problems resulting from loose connections.
Because the vulnerabilities, especially those in the NEXO-OS operating system, are still unpatched, technical details are withheld in this summary. Bosch Rexroth has committed to releasing patches by January 2024.
In the interim, the following mitigations are recommended for asset owners to safeguard against potential cyberattacks:
- Restrict the network reachability of the device as much as possible, so that only authorized personnel and trusted computers/servers can communicate with it.
- Review all accounts that have login access to the device and delete unnecessary ones.
- Be cautious when opening untrusted links or visiting external websites while a browsing session to the management web application is in progress.
These vulnerabilities empower an unauthenticated attacker to execute arbitrary code remotely with root privileges, leading to a complete compromise of the device.
Impacts:
- Ransomware Scenario: The device can be rendered inoperable, preventing local operators from controlling the nutrunner through the onboard display and disabling the trigger button. The graphical user interface (GUI) can be altered to display a ransom message demanding payment. Automated, this attack could swiftly render every tool on a production line inaccessible, causing significant disruption.
- Manipulation of Control and View: Tightening program configurations can be stealthily altered, for example by adjusting the target torque value. The GUI on the onboard display can be patched in memory to show the normal value to the operator, keeping them unaware of the change.
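Because the onboard display can be patched to show a normal value, the tool's own GUI cannot be used to confirm that tightening parameters are intact. A defender-side check is to keep an approved copy of the tightening programs on a separate, trusted host, seal it with an HMAC so the baseline itself cannot be silently edited, and compare each fresh configuration export against it. The following is an added example written for this summary; it is not code from the advisory or from Bosch Rexroth. The export format (a mapping of program name to parameter fields), the program names, the parameter values and the key are all constructed assumptions, since the real NEXO-OS export format is not described here.

```python
"""Drift detection for tightening-program configurations (added example).

Assumed export format: {"program_name": {"field": value, ...}, ...}.
The baseline and its key live on a trusted host, never on the tool.
"""
import hashlib
import hmac
import json
from copy import deepcopy


def _canonical(programs: dict) -> bytes:
    # Canonical JSON so that key ordering cannot change the MAC.
    return json.dumps(programs, sort_keys=True, separators=(",", ":")).encode()


def seal_baseline(programs: dict, key: bytes) -> dict:
    """Return the approved program set together with an HMAC-SHA256 over it."""
    tag = hmac.new(key, _canonical(programs), hashlib.sha256).hexdigest()
    return {"programs": deepcopy(programs), "hmac": tag}


def verify_baseline(sealed: dict, key: bytes) -> bool:
    """True only if the sealed baseline has not been modified since sealing."""
    expected = hmac.new(key, _canonical(sealed["programs"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, sealed["hmac"])


def detect_drift(sealed: dict, current_export: dict, key: bytes) -> list:
    """Compare a fresh export with the sealed baseline.

    Returns a list of (program, field, baseline_value, current_value) tuples;
    an empty list means every approved program matches exactly.
    """
    if not verify_baseline(sealed, key):
        raise ValueError("baseline failed integrity check; refusing to compare")
    findings = []
    baseline = sealed["programs"]
    for name, params in baseline.items():
        if name not in current_export:
            findings.append((name, None, "present", "missing"))
            continue
        cur = current_export[name]
        for field, want in params.items():
            got = cur.get(field)
            if got != want:
                findings.append((name, field, want, got))
        for field in cur:
            if field not in params:
                findings.append((name, field, None, cur[field]))
    for name in current_export:
        if name not in baseline:
            findings.append((name, None, "absent", "unexpected program"))
    return findings


# Constructed sample data (hypothetical program names and parameters).
APPROVED_PROGRAMS = {
    "wheel_bolt_M12": {"target_torque_nm": 120.0, "final_angle_deg": 90},
    "seat_bracket_M8": {"target_torque_nm": 25.0, "final_angle_deg": 0},
}
# A later export in which one target torque was silently lowered and an
# unknown program appeared; a patched display could still show 120.0.
TAMPERED_EXPORT = {
    "wheel_bolt_M12": {"target_torque_nm": 95.0, "final_angle_deg": 90},
    "seat_bracket_M8": {"target_torque_nm": 25.0, "final_angle_deg": 0},
    "debug_loose": {"target_torque_nm": 5.0, "final_angle_deg": 0},
}
DEMO_KEY = b"constructed-demo-key-keep-off-the-tool"

if __name__ == "__main__":
    sealed = seal_baseline(APPROVED_PROGRAMS, DEMO_KEY)
    for finding in detect_drift(sealed, TAMPERED_EXPORT, DEMO_KEY):
        print("DRIFT", finding)
```

Run the comparison on a schedule from the trusted host, and treat any finding as an incident to investigate rather than something to correct in place: the point of the check is that a changed torque value on a compromised tool may not be visible to the operator at all.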
Additional Considerations:
- Health and Safety Risks: Improperly torqued fastenings in critical devices pose potential health and safety risks.
- Mechanical Failures: Overtightened connections can cause premature failure of fixtures, leading to lost revenue, productivity problems, warranty claims, and reputational damage.
Conclusion and mitigation of future threats:
A group of hackers could bring a whole assembly line to a halt unless you pay them a large sum in cryptocurrency. They could demand millions, and that's before counting the cost of recovery.
If the problem isn't fixed for a long time, it could degrade the quality of the products, and you might have to recall thousands of items already shipped. Someone might tell you about a flaw in how things are made but refuse to share the details unless you pay. The consequences can be very serious, ranging from dangerous accidents and complex product-liability lawsuits to the ongoing danger of ransomware. There's a lot at stake.
Maintaining a robust OT risk-based vulnerability management program is absolutely essential for manufacturing. Such a program consistently identifies and fixes weak points in our systems that could be exploited. By routinely addressing these vulnerabilities, we build a defense that makes it hard for hackers to interfere with our assembly lines or infiltrate our processes, giving our machines reliable security and ensuring smooth operations and safe, high-quality products. Dedicating time and effort to this program is a smart choice for a secure and successful manufacturing journey!
Vulnerable Bosch Rexroth Nutrunner products:
- Rexroth Nexo cordless nutrunner NXA011S-36V (0608842011)
- Rexroth Nexo cordless nutrunner NXA011S-36V-B (0608842012)
- Rexroth Nexo cordless nutrunner NXA015S-36V (0608842001)
- Rexroth Nexo cordless nutrunner NXA015S-36V-B (0608842006)
- Rexroth Nexo cordless nutrunner NXA030S-36V (0608842002)
- Rexroth Nexo cordless nutrunner NXA030S-36V-B (0608842007)
- Rexroth Nexo cordless nutrunner NXA050S-36V (0608842003)
- Rexroth Nexo cordless nutrunner NXA050S-36V-B (0608842008)
- Rexroth Nexo cordless nutrunner NXA065S-36V (0608842013)
- Rexroth Nexo cordless nutrunner NXA065S-36V-B (0608842014)
- Rexroth Nexo cordless nutrunner NXP012QD-36V (0608842005)
- Rexroth Nexo cordless nutrunner NXP012QD-36V-B (0608842010)
- Rexroth Nexo cordless nutrunner NXV012T-36V (0608842015)
- Rexroth Nexo cordless nutrunner NXV012T-36V-B (0608842016)
- Rexroth Nexo special cordless nutrunner (0608PE2272)
- Rexroth Nexo special cordless nutrunner (0608PE2301)
- Rexroth Nexo special cordless nutrunner (0608PE2514)
- Rexroth Nexo special cordless nutrunner (0608PE2515)
- Rexroth Nexo special cordless nutrunner (0608PE2666)
- Rexroth Nexo special cordless nutrunner (0608PE2673)