Silex Technology SD-330AC and AMC Manager Vulnerabilities Expose Critical Infrastructure to Remote Attacks

Silex Technology has disclosed multiple critical vulnerabilities affecting its SD-330AC wireless LAN module and AMC Manager software, potentially exposing industrial control systems and network infrastructure to remote attacks.

The vulnerabilities, tracked under multiple CVE identifiers, affect devices used in critical infrastructure sectors including manufacturing, energy, and healthcare. The SD-330AC is a wireless LAN module commonly integrated into industrial equipment, while AMC Manager provides centralized management capabilities for these devices.

Critical Vulnerabilities Identified

The most severe vulnerability allows unauthenticated remote code execution through improper input validation in the device's web interface. Attackers can exploit this flaw without requiring any authentication credentials, potentially gaining complete control over affected devices.

Additional vulnerabilities include:

• Hard-coded credentials that cannot be changed by administrators
• Information disclosure through exposed debug interfaces
• Authentication bypass mechanisms
• Buffer overflow conditions in network packet processing

Affected Products and Versions

Silex Technology has confirmed the following products are affected:

• SD-330AC wireless LAN module (all firmware versions prior to 1.2.0)
• AMC Manager software version 1.0.0 and earlier
• Devices incorporating these components in their design

The vulnerabilities impact devices deployed across multiple critical infrastructure sectors, including industrial control systems, medical devices, and network infrastructure equipment.

CVSS Severity Ratings

Based on CVSS v3.1 scoring:

• Remote code execution vulnerability: CVSS 9.8 (Critical)
• Hard-coded credentials: CVSS 7.5 (High)
• Information disclosure: CVSS 6.5 (Medium)
• Authentication bypass: CVSS 8.8 (High)

Mitigation and Remediation

Silex Technology has released firmware updates addressing these vulnerabilities:

• SD-330AC firmware version 1.2.0
• AMC Manager version 1.1.0

Organizations are strongly advised to:

1. Immediately update all affected devices to the latest firmware versions
2. Isolate vulnerable devices from untrusted networks until patched
3. Review network segmentation policies for industrial control systems
4. Monitor network traffic for suspicious activity targeting these devices

Technical Details

The remote code execution vulnerability stems from insufficient input validation in the HTTP request handler. Attackers can craft malicious requests that trigger buffer overflows, allowing arbitrary code execution with root privileges on the affected devices.

The hard-coded credentials issue involves default administrative passwords embedded in the firmware that cannot be modified through normal configuration interfaces. These credentials provide full administrative access to device functions.

Impact Assessment

Successful exploitation could enable attackers to:

• Take complete control of affected devices
• Intercept and modify network traffic
• Deploy malware to connected industrial systems
• Create persistent backdoors in critical infrastructure
• Disrupt operations of connected equipment

Timeline and Disclosure

Silex Technology coordinated disclosure with CISA and security researchers, following industry-standard responsible disclosure practices. The company released patches and notified customers before public disclosure.

Recommendations for Organizations

Security teams should prioritize patching these vulnerabilities given their critical severity and potential impact on industrial control systems. Organizations should also:

• Conduct network scans to identify affected devices
• Implement network segmentation to limit exposure
• Enable logging and monitoring for suspicious activity
• Review incident response procedures for potential compromise

The vulnerabilities highlight the ongoing security challenges in industrial control systems and the importance of maintaining current firmware and security patches across all connected devices.

Additional Resources

• Silex Technology Security Advisory
• CISA Industrial Control Systems Advisory
• NIST National Vulnerability Database

Organizations requiring assistance with vulnerability assessment or mitigation should contact their security providers or Silex Technology's technical support team.