- I tested a 'luxury' nugget ice maker, and it's totally worth it - plus it's $150 off for Black Friday
- The Dyson Airwrap is $120 off ahead of Black Friday - finally
- This 5-in-1 charging station replaced several desk accessories for me (and it's 33% off for Black Friday))
- The best Galaxy Z Flip 6 cases of 2024
- This retractable USB-C charger is my new favorite travel accessory (and it's on sale for Black Friday)
Cisco IoT wireless access points hit by severe command injection flaw
In a 2021 blog about the technology, Fluidmesh Network’s co-founder and former CEO Umberto Malesci gave several examples of how the technology was being used, including use cases that make possible a 1,000-device IP camera network on moving trains in France, enabling wireless control of port cranes in Malta, and as part of infrastructure supporting driverless metro trains in Milan.
“Imagine remotely monitoring and controlling moving assets on trains, subways, public transit, mines, or ports. If a few packets drop while you’re checking email, no one notices. In contrast, dropped packets when you’re remotely controlling a crane or autonomous vehicle can have serious consequences,” wrote Malesci.
The critical nature of these use cases underlines how important it is to patch the flaw as a high priority. However, it’s not clear how easy it would be for an attacker to target the vulnerability directly, given that this type of access point is normally isolated on a dedicated IoT network segment. If that is the case, an attacker would probably need wireless proximity to exploit the weakness.