CISA Warns: ZLAN ICS Flaws Allow Complete Devices Vulnerabilities
CISA has issued an urgent alert detailing two critical vulnerabilities found within ZLAN Information Technology Co.’s ZLAN5143D industrial communication device. According to the advisory...
CISA has issued an urgent alert detailing two critical vulnerabilities found within ZLAN Information Technology Co.’s ZLAN5143D industrial communication device.
According to the advisory (ICSA-26-041-02), successful exploitation could allow attackers to gain complete control of affected systems by bypassing authentication mechanisms or resetting device passwords remotely.
The vulnerabilities impact ZLAN5143D version 1.600, a device commonly used across global critical manufacturing environments for industrial control and communication functions.
CISA warned that public exploitation could allow malicious actors to compromise operational technology (OT) systems and disrupt industrial operations.
Researchers Shorabh Karir and Deepak Singh from KPMG discovered the weaknesses and responsibly reported them to CISA.
| CVE ID | CVSS | Description | Vendor | Product | Affected Version |
|---|---|---|---|---|---|
| CVE-2026-25084 | 9.8 (Critical) | Missing authentication enables remote device control. | ZLAN Information Technology Co. | ZLAN5143D | 1.600 |
| CVE-2026-24789 | 9.8 (Critical) | Unauthorized password reset leads to full compromise. | ZLAN Information Technology Co. | ZLAN5143D | 1.600 |
The flaws are characterized by missing authentication for critical functions, allowing unauthenticated attackers to access sensitive control commands directly.
Risk to Industrial Operators
Industrial operators relying on the ZLAN5143D series could face significant cybersecurity risks if these devices are exposed to the internet or integrated into inadequately segmented networks.
Because the vulnerabilities enable authentication bypass and password resets, an attacker could alter configurations, disrupt control commands, or potentially leverage the device as an entry point into wider industrial environments.
CISA said no public exploitation is known yet, but risk remains high due to widespread deployment and high CVSS scores.
CISA strongly advises organizations to isolate control networks from business IT environments and restrict all external access to ICS devices.
Recommended actions include minimizing network exposure, positioning devices behind firewalls, implementing VPNs for authorized remote access, and ensuring that all such software is kept up to date.
Before deploying defensive measures, organizations should perform a thorough impact assessment and review CISA’s industrial control systems security best practices available at cisa.gov/ics.
Additional mitigation guidance can be found in CISA’s technical information paper, ICS-TIP-12-146-01B – Targeted Cyber Intrusion Detection and Mitigation Strategies.
At present, ZLAN Information Technology Co. has not released a patch or specific update addressing these issues.
Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.
No Comment! Be the first one.