Skip to content
Tech News
← Back to articles

Serial-to-IP Devices Hide Thousands of Old & New Bugs

2026-04-20 | original
read original get Serial to Ethernet Converter → more articles
Why This Matters

The discovery of numerous vulnerabilities in serial-to-IP converters highlights a critical security risk for industrial networks, especially as these devices remain integral to modern infrastructure. This underscores the urgent need for improved cybersecurity measures and updates in industrial environments to prevent potential cyberattacks that could disrupt essential services.

Key Takeaways

Researchers have identified 20 new vulnerabilities in popular models of serial-to-IP converters — devices that sit at the heart of modern industrial networks. Even more worryingly, the same researchers counted thousands of known vulnerabilities in these very same devices' software stacks.

Complex on the inside, serial-to-IP converters — also known as serial device servers, or serial-to-Ethernet converters — do a relatively straightforward job: they translate the language of old industrial machinery into Internet-speak, and vice versa. It goes without saying just how significant this job is: without it, plant operators wouldn't be able to monitor older machinery from the comfort of their newfangled computers.

It may not come as a surprise, then, that serial-to-IP converters are often a target in major operational technology (OT) cyberattacks. In some of the most significant incidents in history — from the 2015 Ukrainian power grid attack to last year's attack against Poland — serial converters were manipulated in order to cut the line between plant operators and their machines, and delay recovery.

Related:Empty Attestations: OT Lacks the Tools for Cryptographic Readiness

One might imagine that these devices will become less important over time, as industries gradually adopt Internet-age industrial machines and phase out older behemoths. In fact, the opposite is true: industry analysts expect the market to rise continuously, if not double over the coming decade, as the behemoths stay in place, and the need for supervisory control and data acquisition (SCADA) grows in manufacturing, healthcare, and other major sectors.

It could be a problem, then, that serial-to-IP devices are universally built upon outdated libraries and old or even end-of-life operating systems (OS), and that they're buggy to the high heavens. At Black Hat Asia (BHA) 2026, researchers from Forescout will reveal the results of a study of these devices, in which they found nearly two dozen new vulnerabilities in a couple of popular models, and potentially thousands of old vulnerabilities across all major alternatives.

Critical Vulnerabilities in Serial Converters

With a few assumptions along the way, Forescout estimated that there might be more than 10 million serial device servers in the world today. A couple tens of thousands of them are inadvisably discoverable on the open Web.

Forescout's study focused on three popular models of converter from two of the larger vendors in the space: Lantronix's EDS3000PS and EDS5000PS, and Silex's SD330-AC. They found eight previously undisclosed bugs in the Lantronix models, and 12 affecting Silex.

Related:Industrial Controllers Still Vulnerable As Conflicts Move to Cyber

... continue reading

Explore topics: serial-to-ip industrial networks ot cyberattacks vulnerabilities serial device servers
Related:
CISA flags new SD-WAN flaw as actively exploited in attacks
Serial-to-IP Devices Hide Thousands of Old and New Bugs
Opinion | America’s Reactive AI Defense Isn’t Enough
Every Old Vulnerability Is Now an AI Vulnerability
Cal.com is going closed source

© 2026 GoKawiil

About | Editorial Policy | Contact