U.S.-made water pumps could be vulnerable to hackers due to a recently tracked bug.
The bug affects pumps used in golf courses, municipalities, biogas, agriculture, and manufacturing.
This security flaw affects the Osprey Pump Controller, a pump made by the American company ProPump.
- A successful exploit of this flaw could lead to the following:
- remote code execution,
- cross-site request forgery,
- authentication bypass,
- cross-site scripting,
- command injection,
- backdoor access,
- file disclosure, etc.
- According to researchers, the flaw could be used to entirely shut down the water supply.
In 2021, CISA warned that hackers had breached at least three water facilities in the U.S.
- The CISA warning was published only a month after a hacker was caught trying to poison the water supply in a city in Florida.
