CISA Warns of ZLAN ICS Devices Vulnerabilities Allows Complete Device Takeover

CISA has issued an alert regarding two critical vulnerabilities found in ZLAN Information Technology Co.’s ZLAN5143D industrial communication device.

According to the advisory (ICSA-26-041-02), successful exploitation could allow attackers to gain complete control of affected systems by bypassing authentication mechanisms or resetting device passwords remotely.

The vulnerabilities impact ZLAN5143D version 1.600, a device commonly used across global critical manufacturing environments for industrial control and communication functions.

CISA warned that public exploitation could allow malicious actors to compromise operational technology (OT) systems and disrupt industrial operations.

Researchers Shorabh Karir and Deepak Singh from KPMG discovered the weaknesses and responsibly reported them to CISA.

| CVE ID | CVSS | Description | Vendor | Product | Affected Version |
| --- | --- | --- | --- | --- | --- |
| CVE-2026-25084 | 9.8 (Critical) | Missing authentication enables remote device control. | ZLAN Information Technology Co. | ZLAN5143D | 1.600 |
| CVE-2026-24789 | 9.8 (Critical) | Unauthorized password reset leads to full compromise. | ZLAN Information Technology Co. | ZLAN5143D | 1.600 |

The flaws are characterized by missing authentication for critical functions, allowing unauthenticated attackers to access sensitive control commands directly.

Risk to Industrial Operators

Industrial operators relying on the ZLAN5143D series could face significant cybersecurity risks if these devices are exposed to the internet or integrated into inadequately segmented networks.

Because the vulnerabilities enable authentication bypass and password resets, an attacker could alter configurations, disrupt control commands, or potentially leverage the device as an entry point into wider industrial environments.

CISA said no public exploitation is known yet, but risk remains high due to widespread deployment and high CVSS scores.

CISA strongly advises organizations to isolate control networks from business IT environments and restrict all external access to ICS devices.

Recommended actions include minimizing network exposure, positioning devices behind firewalls, implementing VPNs for authorized remote access, and ensuring that all such software is kept up to date.

Before deploying defensive measures, organizations should perform a thorough impact assessment and review CISA’s industrial control systems security best practices available at cisa.gov/ics.

Additional mitigation guidance can be found in CISA’s technical information paper, ICS-TIP-12-146-01B – Targeted Cyber Intrusion Detection and Mitigation Strategies.

At present, ZLAN Information Technology Co. has not released a patch or specific update addressing these issues.

The post CISA Warns of ZLAN ICS Devices Vulnerabilities Allows Complete Device Takeover appeared first on Cyber Security News.

Source: cybersecuritynews.com