Serial-to-Ethernet adapters used in industrial, retail, and healthcare environments to link serial devices to TCP/IP networks are riddled with vulnerabilities and outdated open-source components, researchers warn. The flaws enable various attacks scenarios, including taking full control of mission-critical equipment such as remote terminal units, programmable logic controllers, point-of-sale systems, and bedside patient monitors. In a new study dubbed BRIDGE:BREAK, researchers from cybersecurity firm Forescout analyzed the firmware from five major vendors of serial-to-IP converters and found that each firmware image contained on average 80 open-source software components with almost 2,500 kn...