Research Report: OT/IoT Cybersecurity Trends and Insights in the First Half of 2024
Read the Report
Academy
Labs
Careers
Partner Login
Support
search bar

Codename I11USION: Eleven Practical Ways to Pwn Browser-Based HMIs

In this white paper, Nozomi Networks Labs shares novel research on browser-based HMIs, following an examination of five devices from five high-profile vendors.

Learn about: 

  • New attack vectors enabled by the inclusion of a browser in an industrial system
  • 11 prevalent security risks, from well-known web issues like XSS to lesser-recognized improper file operation restrictions
  • How attackers can exploit these vulnerabilities to gain full control over a browser-based HMI, allowing them to both disrupt industrial processes and manipulate displays to hide malicious activities
  • Mitigations that end users, vendors and the broader community can adopt
View Resource

Speakers

Codename I11USION: Eleven Practical Ways to Pwn Browser-Based HMIs
White Papers

Codename I11USION: Eleven Practical Ways to Pwn Browser-Based HMIs

June 11, 2024

In this white paper, Nozomi Networks Labs shares novel research on browser-based HMIs, following an examination of five devices from five high-profile vendors.

Learn about: 

  • New attack vectors enabled by the inclusion of a browser in an industrial system
  • 11 prevalent security risks, from well-known web issues like XSS to lesser-recognized improper file operation restrictions
  • How attackers can exploit these vulnerabilities to gain full control over a browser-based HMI, allowing them to both disrupt industrial processes and manipulate displays to hide malicious activities
  • Mitigations that end users, vendors and the broader community can adopt

In this white paper, Nozomi Networks Labs shares novel research on browser-based HMIs, following an examination of five devices from five high-profile vendors.

Learn about: 

  • New attack vectors enabled by the inclusion of a browser in an industrial system
  • 11 prevalent security risks, from well-known web issues like XSS to lesser-recognized improper file operation restrictions
  • How attackers can exploit these vulnerabilities to gain full control over a browser-based HMI, allowing them to both disrupt industrial processes and manipulate displays to hide malicious activities
  • Mitigations that end users, vendors and the broader community can adopt
SPEAKERS

In this white paper, Nozomi Networks Labs shares novel research on browser-based HMIs, following an examination of five devices from five high-profile vendors.

Learn about: 

  • New attack vectors enabled by the inclusion of a browser in an industrial system
  • 11 prevalent security risks, from well-known web issues like XSS to lesser-recognized improper file operation restrictions
  • How attackers can exploit these vulnerabilities to gain full control over a browser-based HMI, allowing them to both disrupt industrial processes and manipulate displays to hide malicious activities
  • Mitigations that end users, vendors and the broader community can adopt
IN PARTNERSHIP WITH
No items found.
SPEAKERS
Watch More
|
No items found.
No items found.
No items found.
No items found.
No items found.
No items found.
No items found.
Learn more link

Codename I11USION: Eleven Practical Ways to Pwn Browser-Based HMIs

In this white paper, Nozomi Networks Labs shares novel research on browser-based HMIs, following an examination of five devices from five high-profile vendors.

Learn about: 

  • New attack vectors enabled by the inclusion of a browser in an industrial system
  • 11 prevalent security risks, from well-known web issues like XSS to lesser-recognized improper file operation restrictions
  • How attackers can exploit these vulnerabilities to gain full control over a browser-based HMI, allowing them to both disrupt industrial processes and manipulate displays to hide malicious activities
  • Mitigations that end users, vendors and the broader community can adopt

Related Content

Research Report: OT/IoT Cybersecurity Trends and Insights

Learn more

Spoofing Drone Locations by Manipulating Remote ID Protocols and Communications

Learn more

Assessing the Threat Landscape for OT & IoT Security – A Review of the Second Half of 2023

Learn more

Other Resources For You

Research Report: OT/IoT Cybersecurity Trends and Insights

Learn more

Spoofing Drone Locations by Manipulating Remote ID Protocols and Communications

Learn more

Assessing the Threat Landscape for OT & IoT Security – A Review of the Second Half of 2023

Learn more

Research Report: Assessing the Threat Landscape

Learn more

Subscribe to our newsletter

View our Privacy Policy

Take the next step.

Discover how easy it is to identify and respond to cyber threats by automating your IoT and OT asset discovery, inventory, and management.

Request a DemoWatch Demo

Subscribe

LinkedIn

Demo

PLATFORM

Platform OverviewVantageCentral Management ConsoleGuardianGuardian AirArcAsset IntelligenceThreat IntelligenceSmart PollingPSIRT

Professional Services

OverviewDesignDeploymentFast TrackOptimizationProject Management

Solutions: Business needs

Threat Detection & ResponseContinuous Network MonitoringAsset Inventory ManagementRisk & Vulnerability ManagementIoT SecurityData Center Cybersecurity

Solutions: Compliance

NERC CIPNIS2 DirectiveTSA Security Directives

Solutions: Industry

AirportsElectric UtilitiesHealthcareFederal GovernmentManufacturingMaritimeMiningOil & GasPharmaceuticalRailRetailSmart CitiesWater & Wastewater

Learn

PartnersResourcesCompanyContact UsAcademyCareersLabsLegal
© 2024 Nozomi Networks Inc. All Rights Reserved. Privacy Policy and Certifications. System Status.