VNC applications consist of two parts: a server installed on the computer to which your employee connects remotely, and a client running on the device from which it connects. What the vulnerabilities are and how they can be exploited UltraVNC - a VNC variant built specifically for Windows it is also widely used in industrial production for connecting to HMIs.īugs were detected in all four systems: one in TurboVNC, four in TightVNC, ten in LibVNC, and as many as 22 in UltraVNC.TurboVNC - a VNC implementation for remote work with graphic, 3D, and video objects.TightVNC 1.X - an application recommended by vendors of industrial automation systems for connecting to a human–machine interface (HMI).LibVNC - a library, that is, a set of ready-made code snippets on which basis developers can create apps LibVNC is used, for example, in systems that allow remote connections to virtual machines, as well as iOS and Android mobile devices.Our experts looked at four common open-source VNC implementations: The actual figure is likely to be far higher. It is difficult to put a precise figure on the number of devices that use VNC systems, but judging by data from the Shodan search engine, more than 600,000 VNC servers can be accessed online. These implementations were found to contain a total of 37 vulnerabilities, some of which had gone unnoticed since 1999. VNC is a common remote access system widely employed for technical support, equipment monitoring, distance learning, and other purposes. Our ICS CERT studied several VNC (Virtual Network Computing) implementations. The downside is that it can provide an entry point into your corporate infrastructure for intruders, especially if the remote access tools you use are vulnerable. Remote access is convenient and at times indispensable.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |