Light Dark
February 4, 2016 By Larry Loeb 2 min read

The Highway Addressable Remote Transducer (HART) Communications Protocol works with field devices to control parts in industrial control systems (ICS). It also collects data from sensors in order to monitor these industrial environments. The nature of this product makes security a priority, but researchers recently came across some flaws that could pose problems.

Applied Risk reported to SecurityWeek that it found several serious vulnerabilities in some products that use the WirelessHART networking technology. For instance, ProComSol has released an Android-based smart device communicator app for HART. Because of the way this app is configured, an attacker would only need knowledge of the vulnerabilities and an Android smartphone to carry out an exploit.

No Specifics on Networking Technology Vulnerabilities

Applied Risk hasn’t disclosed any specific details about the vulnerabilities of the networking technology since the software products at risk remain unpatched at this time. Vendors have been notified and are working on patches, according to Applied Risk.

The company did tell SecurityWeek that it identified several vulnerabilities in each of the products and brands analyzed. Some flaws share a common attack surface and are found on vulnerable devices around the world.

Unfortunately, the majority of the plants using them are most likely unaware of the risks, SecurityWeek reported. And with a lack of active monitoring systems in use throughout the related industries, an attack would probably go undetected.

“The most serious risk, however, is the loss of life in the case of explosions, especially in hazardous environments,” Jalal Bouhdada, the founder of Applied Risk, told SecurityWeek. “Alongside the potential impact to the environment, an attack could lead to significant reputational damage. End users and ICS suppliers must take a more proactive and thorough approach to testing — and implementing security measures to effectively tackle these threats.”

Others Have Found HART Problems

Applied Risk is not the only security firm to study the existence of vulnerabilities in HART-based devices. In 2014, for example, security researchers discovered that a widely used HART-related library was vulnerable to an exploit that could crash field devices. That issue was eventually fixed by Emerson Process Management.

Attacks on industrial control systems have been on the rise, according to an alert from the Industrial Control System Cyber Emergency Response Team (ICS-CERT). Whether this pathway will be severely exploited is not yet known, but users of the networking technology need to be aware of the potential danger.

 |  |  |  | 
Larry Loeb
Principal, PBC Enterprises

More from

March 4, 2025

FYSA — VMware Critical Vulnerabilities Patched

< 1 min read - SummaryBroadcom has released a security bulletin, VMSA-2025-0004, addressing and remediating three vulnerabilities that, if exploited, could lead to system compromise. Products affected include vCenter Server, vRealize Operations Manager, and vCloud Director.Threat TopographyThreat Type: Critical VulnerabilitiesIndustry: VirtualizationGeolocation: GlobalOverviewX-Force Incident Command is monitoring activity surrounding Broadcom’s Security Bulletin (VMSA-2025-0004) for three potentially critical vulnerabilities in VMware products. These vulnerabilities, identified as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, have reportedly been exploited in attacks. X-Force has not been able to validate those claims. The vulnerabilities…

February 21, 2025

SoaPy: Stealthy enumeration of Active Directory environments through ADWS

10 min read - Introduction Over time, both targeted and large-scale enumeration of Active Directory (AD) environments have become increasingly detected due to modern defensive solutions. During our internship at X-Force Red this past summer, we noticed FalconForce’s SOAPHound was becoming popular for enumerating Active Directory environments. This tool brought a new perspective to Active Directory enumeration by performing collection via Active Directory Web Services (ADWS) instead of directly through Lightweight Directory Access Protocol (LDAP) as other AD enumeration tools had in the past.…

February 14, 2025

Smoltalk: RCE in open source agents

26 min read - Big shoutout to Hugging Face and the smolagents team for their cooperation and quick turnaround for a fix! Introduction Recently, I have been working on a side project to automate some pentest reconnaissance with AI agents. Just after I started this project, Hugging Face announced the release of smolagents, a lightweight framework for building AI agents that implements the methodology described in the ReAct paper, emphasizing reasoning through iterative decision-making. Interestingly, smolagents enables agents to reason and act by generating…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature