Targeting an industrial protocol gateway

This research analyzes the Anybus X-Gateway AB7832-F OT protocol gateway and discloses three vulnerabilities that allow trivial remote denial-of-service and unauthenticated configuration changes: a packet-induced crash via UDP/TCP port 7412 (CVE-2024-23765), an exposed unauthenticated web reboot endpoint (CVE-2024-23766), and an insecure HICP configuration protocol that sends cleartext passwords and can be abused or locked by attackers (CVE-2024-23767). The report includes PoCs, network discovery details, and remediation notes—HMS recommends replacement or network controls for affected legacy devices since some flaws cannot be patched.