
Great Question: A Manufacturing Podcast
How exploitable gaps in popular networking devices show how far OT cybersecurity still has to go
Oct 28, 2025
Trae Mazza, a Senior Security Engineer at RMC Global, specializes in offensive security and has uncovered critical flaws in Siemens' industrial networking devices. He discusses the alarming vulnerabilities in popular OT systems, detailing issues like weak passwords and hidden access points. Trae also highlights the risks posed by diagnostic tools and emphasizes the need for layered defenses and improved authentication protocols. With insights into the growing convergence of IT and OT threats, he sheds light on the urgent need for enhanced cybersecurity measures in industrial environments.
Episode notes
Root Access Via Diagnostic Tools
- Trae Mazza described chaining an arbitrary file upload with an OS command injection in a tcpdump utility to gain root on a RuggedCom RX1400 device.
- He credited coworker Zach Levine for discovering the install-files vector that completed the exploit chain.
Pen Tests Embedded In Procurement
- RMC often assesses devices during procurement for utilities and reports findings to clients and vendors, pushing for transparent disclosures.
- Trae recounted breaking out of a read-only SCADA monitoring app to fully compromise the underlying Windows host.
Remove Test Accounts And Limit Brute Force
- Scan for and remove hidden vendor test accounts, and implement brute-force protections and password complexity enforcement on devices.
- Treat weak or single-letter passwords and undocumented accounts as high-risk findings even if they seem low impact.
