The vulnerabilities in the Midas and Midas Black gas detectors manufactured by Honeywell can be exploited by hackers with a low skill level, according to the advisory, which was published Thursday by the Industrial Control System Cyber Emergency Response Team. The first weaknesses is a “path traversal” weakness, which allows remote attackers to bypass the normal authentication system. A second one results in the failure to encrypt user passwords when they’re being transmitted.
Read More on ArsTechnica