CISA Alerts on Critical ZLAN ICS Flaws Enabling Full Device Takeover

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a critical advisory, ICSA-26-041-02, spotlighting severe vulnerabilities in ZLAN Information Technology Co.’s ZLAN5143D serial-to-Ethernet device server.

This equipment, commonly used to connect legacy serial devices to modern networks, is prevalent in industrial settings worldwide, especially in manufacturing.

Attackers exploiting these flaws could bypass authentication entirely or reset device passwords, seizing complete administrative control.

Such risks threaten operational technology (OT) environments, where disruptions could halt production lines or enable deeper network intrusions.

Firmware version 1.600 is affected, and both vulnerabilities carry a CVSS v3.1 score of 9.8 (Critical) because they are remotely exploitable with low attack complexity and require no privileges or user interaction.

Security researchers Shorabh Karir and Deepak Singh from KPMG discovered the issues, reporting missing authentication for key functions.

No public exploits are known yet, but the flaws’ simplicity makes them prime targets for threat actors eyeing industrial sabotage.

Vulnerability Details

These flaws stem from inadequate safeguards on administrative endpoints. CVE-2026-25084 allows unauthorized access to critical functions without credentials, while CVE-2026-24789 lets attackers reset passwords or change configurations without credentials.

In ICS setups, ZLAN5143D devices often bridge IT and OT networks, creating pathways for lateral movement into control systems.

| CVE ID | CVSS Score | Description |
| --- | --- | --- |
| CVE-2026-25084 | 9.8 (Critical) | Missing authentication for a critical function, enabling unauthorized device access or control. |
| CVE-2026-24789 | 9.8 (Critical) | Authentication bypass allowing password resets or configuration changes without credentials. |

CISA stresses isolating these devices from the internet. Place them behind firewalls, segment control networks from business ones, and avoid direct public exposure.

Where remote access is essential, use VPNs, but only with patched endpoints, because a VPN is undermined by weak devices connected to it. Conduct risk assessments before making changes to avoid operational downtime.

Organizations should audit networks for ZLAN5143D exposure, apply any vendor patches promptly, and monitor for anomalies. Report suspicious activity to CISA.
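One way to start the exposure audit described above is to run it against an existing asset inventory. This is an added example, not code from CISA or the vendor; the CSV column names, the subnets and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
import ipaddress

AFFECTED_MODEL = "ZLAN5143D"   # model named in the advisory
AFFECTED_FIRMWARE = "1.600"    # affected firmware named in the advisory

# Assumption: site-specific address plan; replace with your own ranges.
OT_SUBNETS = [ipaddress.ip_network("10.20.0.0/16")]
BUSINESS_SUBNETS = [ipaddress.ip_network("192.168.0.0/16")]

# Constructed sample inventory (hostnames and addresses are made up).
SAMPLE_INVENTORY = """\
hostname,model,firmware,ip
line1-gw,ZLAN5143D,1.600,10.20.4.17
office-gw,ZLAN5143D,1.600,192.168.10.44
remote-gw,zlan5143d,1.600,203.0.113.9
spare-gw,ZLAN5143D,,10.20.9.3
plc-sw,OtherModel,2.1,10.20.1.1
"""

# Lower number = review first.
PRIORITY = {"outside-known-ranges": 0, "business-network": 1, "control-segment": 2}

def placement(ip):
    """Classify where an address sits relative to the site's address plan."""
    addr = ipaddress.ip_address(ip)
    if any(addr in net for net in OT_SUBNETS):
        return "control-segment"
    if any(addr in net for net in BUSINESS_SUBNETS):
        return "business-network"
    return "outside-known-ranges"  # possibly internet-facing or undocumented

def audit(inventory_csv):
    """Return (hostname, status, placement) for devices needing review."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["model"].strip().upper() != AFFECTED_MODEL:
            continue
        firmware = row["firmware"].strip()
        if firmware == AFFECTED_FIRMWARE:
            status = "affected"
        elif firmware == "":
            status = "verify-firmware"  # a missing version cannot be cleared
        else:
            continue
        findings.append((row["hostname"], status, placement(row["ip"].strip())))
    return sorted(findings, key=lambda f: (PRIORITY[f[2]], f[0]))

if __name__ == "__main__":
    for finding in audit(SAMPLE_INVENTORY):
        print(*finding, sep="\t")
```

Devices reported as `control-segment` are still affected; the ordering only reflects which placements to review first.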

This alert underscores the perils of legacy ICS gear in critical infrastructure; swift mitigation is essential to safeguard manufacturing continuity.

The post CISA Alerts on Critical ZLAN ICS Flaws Enabling Full Device Takeover appeared first on Cyber Security News.

rssfeeds-admin
