Researchers at Forescout Vedere Labs uncovered 22 vulnerabilities, labeled BRIDGE:BREAK, in Lantronix and Silex serial-to-IP converters that put nearly 20,000 devices online at risk of hijack and data tampering. Vendors have released patches, and users are urged to remove internet exposure, change default credentials, and segment networks to limit attacker movement. #BRIDGEBREAK #Lantronix
Keypoints
- Forescout identified 22 vulnerabilities in Lantronix (EDS3000PS/EDS5000) and Silex (SD330-AC) serial-to-IP converters.
- Nearly 20,000 Serial-to-Ethernet converters were found exposed on the internet worldwide.
- Flaws span remote code execution, client-side code execution, DoS, authentication bypass, device takeover, firmware and configuration tampering, and information disclosure.
- Successful exploits can disrupt serial communications, alter sensor/actuator data, and enable lateral movement into critical networks.
- Lantronix and Silex issued security updates; recommended mitigations include patching, replacing default credentials, network segmentation, and removing direct internet exposure.
Read More: https://thehackernews.com/2026/04/22-bridgebreak-flaws-expose-20000.html